7MS #409: PCI Professional Certification (PCIP)
7 Minute Security9 Apr 2020

7MS #409: PCI Professional Certification (PCIP)

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

Today I'm starting a journey to become a PCI Professional (PCIP), and I'll be periodically updating the status of this journey on the 7MS forums.

You don't need to be a QSA to get a PCIP, but you do need "2 years in IT or payments related background to have your application approved."

The PCIP certification gives you (and I'm quoting from the PCI Web site):

  • Principles of PCI DSS, PA-DSS, PCI PTS, and PCI P2PE Standards
  • Understanding of PCI DSS requirements and intent
  • Overview of basic payment industry terminology
  • Understanding the transaction flow
  • Implementing a risk-based prioritized approach
  • Appropriate uses of compensating controls
  • Working with third-parties and service providers
  • How and when to use Self-Assessment Questionnaires (SAQs)
  • Recognizing how new technologies affect the PCI (e.g. virtualization, tokenization, mobile, cloud)

The test costs + exam for a non-participating organization (like 7MS) is $2,500. You also have to re-up every 3 years for $260 (yay, another thing to have to pay for regularly).

In the miscellany department:

  • Do you know someone who would enjoy a live 3-song acoustic concert? Check out my family's new ministry, Q.U.A.C.K. - Quarantined Unplugged Acoustic Concerts of Kindness.

  • A Webinar on creating kick-butt cred-capturing phishing portals is happening on Tuesday, April 14! Register here!

Episoder(720)

7MS #432: Tales of Internal Network Pentest Pwnage - Part 21

7MS #432: Tales of Internal Network Pentest Pwnage - Part 21

Yay! It's time for another tale of pentest pwnage! Highlights include: Making sure you take multiple rounds of "dumps" to get all the delicious local admin creds. Why lsassy is my new best friend....

16 Sep 202044min

7MS #431: How to Succeed in Business Without Really Crying - Part 8

7MS #431: How to Succeed in Business Without Really Crying - Part 8

Today we're talking business! We've got some exciting news and updates to share with you since we last did a "crying" episode last fall: 7MS hired a VP of sales and marketing: Clyde Cooper! We've add...

9 Sep 202049min

7MS #430: Interview with Dan DeCloss

7MS #430: Interview with Dan DeCloss

Today we're thrilled to have our friend and PlexTrac CEO Dan DeCloss back to the program! (P.S. PlexTrac is launching runbooks as a feature - and you should definitely check out PlexTrac's upcoming We...

2 Sep 202056min

7MS #429: Cyber News - Free Bitcoin for Everybody Edition

7MS #429: Cyber News - Free Bitcoin for Everybody Edition

Hola! We're back again with our amigo Joe "The Machine" Skeen (a.k.a. Gh0sthax) who has prepared some awesome and actionable news stories for us to digest. Today's stories include: The Twitter hack ...

26 Aug 202041min

7MS #428: Tales of Internal Network Pentest Pwnage - Part 20

7MS #428: Tales of Internal Network Pentest Pwnage - Part 20

Welcome to another fun tale of internal pentest pwnage! Today's tale includes these helpful informational tidbits: My understanding is that in order for mitm6 relay attacks to work against DCs, thos...

19 Aug 202053min

7MS #427: Interview with Ameesh Divatia from Baffle

7MS #427: Interview with Ameesh Divatia from Baffle

Today we're thrilled to welcome Ameesh Divatia from Baffle back to the program. We first met Ameesh back in episode 349 and today he's back to discuss a slew of additional hot security topics, includi...

12 Aug 202042min

7MS #426: Tales of Internal Pentest Pwnage - Part 19

7MS #426: Tales of Internal Pentest Pwnage - Part 19

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersec...

7 Aug 202049min

7MS #425: DIY Pentest Dropbox Tips - Part 2

7MS #425: DIY Pentest Dropbox Tips - Part 2

Today's episode is all about creating and deploying your own pentest dropbox! In part 1 I talked about some "gotchas" but this time around I'm ready to dump a whole slug of specific and updated tips o...

30 Jul 202037min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
fotballpodden-2
rss-gukild-johaug
lydartikler-fra-aftenposten
nokon-ma-ga
det-store-bildet
hanna-de-heldige
dine-penger-pengeradet
rss-ness
rss-espen-lee-usensurert
aftenbla-bla
e24-podden
rss-dannet-uten-piano
rss-penger-polser-og-politikk
frokostshowet-pa-p5