Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

11/17/2010
07:34 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CyberSource, Trustwave Team

CyberSource has engaged Trustwave to provide its merchants access to TrustKeeper PCI

CHICAGO (November 11, 2010) – Trustwave, a leading provider of information security and compliance solutions, has entered into a partnership with CyberSource Corporation. Under the terms of the agreement, Trustwave will have the opportunity to provide Payment Card Industry Data Security Standard (PCI DSS) compliance validation solutions to CyberSource’s merchant customers.

PCI DSS compliance is a requirement for all organizations that accept credit cards or debit cards as a form of payment and has been endorsed by all of the major card brands, including Visa Inc., MasterCard Worldwide, Discover Financial Services, American Express, and JCB International.

In order to assist in the compliance efforts of merchants, CyberSource has engaged Trustwave to provide its merchants access to TrustKeeper' PCI, Trustwave’s industry-leading PCI DSS compliance web portal.

TrustKeeper PCI facilitates PCI DSS compliance validation in an easy and efficient manner. Using its dynamic PCI Wizard, merchants answer a personalized questionnaire that simplifies the complex terminology of PCI DSS compliance requirements. TrustKeeper PCI also helps merchants complete the PCI Self-Assessment Questionnaire, schedule required vulnerability scans, and receive their PCI DSS compliance certificate.

Additionally, after a simple download, merchants are provided access to TrustKeeper Agent which serves as a beaconing device that performs compliance checks on merchants’ payment systems and sends that data back to TrustKeeper PCI. This prevents merchants from unintentionally storing unencrypted cardholder data or track data.

As an additional component of the partnership, TrustKeeper PCI provides online educational and compliance tools for merchants to help build awareness of the PCI DSS requirements. Online video tutorials guide merchants through general cardholder data security, the PCI DSS, and how to comply with the standard. On-demand help, tutorials and tools such as TrustKeeper PCI’s Security Policy Advisor and Security Awareness Education help merchants efficiently complete PCI DSS validation.

“Working with Trustwave, we believe we can offer our merchant customers a simplified path to PCI DSS compliance validation,” said Michael McGirr, Director, Global Risk at CyberSource. “We are delighted to be partnering with Trustwave, long one of the leaders in payment card security compliance management.”

“Trustwave’s compliance suite is specifically geared to help businesses understand and achieve PCI DSS compliance,” said Doug Klotnia, Executive Vice President of Product and Strategic Sales at Trustwave. “CyberSource merchants will be provided with a holistic approach to PCI DSS compliance validation which includes education, support and ultimately, compliance.”

About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today’s challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).