Description: https://www.defcon.org/images/defcon-18/dc-18-presentations/Panels/DEFCON-18-Panel-PCI.pdf
PCI at DefCon? Are you on drugs? Sadly, no- compliance is changing the way companies do security, and that has an effect on everyone, defender, attacker, or innocent bystander. If you think all that 0-day you've heard about this week is scary, ask yourself this: if a company accepts credit cards for payment, which is a more immediate threat- failing an audit or the possibility of being compromised by an attacker? That is one of the reasons they do not listen to us when we try to improve security in our environments- as real as they are, our threats are theoretical compared to failing a PCI assessment. Systems are hardened against audit, not attack. Sadly, this is often an improvement, but this can also reduce security and provide a template for attackers. This panel will discuss and debate strengths and weaknesses of PCI, expose systemic problems in PCI-DSS, and propose improvements.
Tags: securitytube , defcon , def con , hacking , hackers , information security , convention , computer security , DC 18 , defcon-18 , dc-18 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.