article thumbnail

Coffee with the Council Podcast: Scoping and Segmentation: Navigating Modern Network Architecture and PCI DSS v4.x

PCI perspectives

Recently, PCI SSC published a new information supplement called PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council.

article thumbnail

Data Wallets Using the Solid Protocol

Schneier on Security

I am the Chief of Security Architecture at Inrupt, Inc. , This week, we announced a digital wallet based on the Solid architecture. Details are here , but basically a digital wallet is a repository for personal data and documents. Right now, there are hundreds of different wallets, but no standard.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Metadata Left in Security Agency PDFs

Schneier on Security

Really interesting research : “Exploitation and Sanitization of Hidden Data in PDF Files” Abstract: Organizations publish and share more and more electronic documents like PDF files. All these information can be exploited easily by attackers to footprint and later attack an organization.

article thumbnail

Network Security Architecture: Best Practices & Tools

eSecurity Planet

Network security architecture is a strategy that provides formal processes to design robust and secure networks. This article explores network security architecture components, goals, best practices, frameworks, implementation, and benefits as well as where you can learn more about network security architecture.

article thumbnail

Safety and Security in Automated Driving

Adam Shostack

I would find it more surprising if I were to look at a 150 page document and not find anything surprising.) I also like Figure 27 & 28 (shown), showing risks associated with a generic architecture. Give specific threat information and mitigation strategies to component designers. I find some parts of it surprising. (I

Risk 189
article thumbnail

New Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures

PCI perspectives

The PCI Security Standards Council (PCI SSC) has published a new Information Supplement:  PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. This

article thumbnail

Threat Model Thursday: Architectural Review and Threat Modeling

Adam Shostack

[no description provided] For Threat Model Thursday, I want to use current events here in Seattle as a prism through which we can look at technology architecture review. Let's transition from the housing crisis here in Seattle to the architecture crisis that we face in technology. Seattle has a housing and homelessness crisis.