@attritionorg if you secure your systems, they will meet PCI compliance, the opposite is not true (as you pointed out)
-
-
@attritionorg@sec_prof Sure I can. I need 89 more tweets though. Point is, the PCI prescription for security != all possible solutions -
-
@attritionorg@sec_prof No, my point is that PCI != Security AND Security != PCI. Both directions is true. -
@sawaba I'll agree with that, you cited some good examples. Now, we can disagree on a solid pentester. -
@attritionorg Really? You think our definition of a good pentester would be that different? -
@sawaba It must be. Ones I have talked to for *years* have basically had a 100% success rate on pentests that were scoped decently. -
@attritionorg It depends on what we call success. If you gain access to a system, but couldn't get CCNs (the goal), did you succeed? -
@sawaba Never heard of that happening. Testers I know have popped card data on "PCI certified" systems every time they tried. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.