Reply to post: pci is near useless

Ticketmaster breach 'part of massive bank card slurping campaign'

andy bird

pci is near useless

Nearly all of the PCI mandated 'hoops' and certainly the typical Security Metrix type scans all focus on the server side of the problem.. which is the least likely attack vector.

Why bother attacking the 300ft wall when the application just leaves the door wide open. PCI scans almost never flag unpatched / out of date applications.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019