I started to write a detailed feedback post on the 2010 PCI Community Meeting in Orlando that I attended last week, but realized that there were far more intelligent people than myself already posting, so I’m going to keep my commentary to impressions and general feedback and provide some links to posts that should prove useful for those that are interested in some of the details that came out of the meeting (and what’s coming in PCI / PA 2.0).
To begin with, the entire attitude of the meeting this year …

OK - so I’m on a plane this afternoon (for the 4th week in a row - my wife loves me right now!) heading to Orlando - it’s time for the PCI Community Meeting!
Last year blogging was unofficially encouraged, but there really wasn’t all that much to blog about - this year should prove a bit different given the release of the updated standard.  I’ll try to put together a post or two on relevant and interesting information (that I’m allowed to share), but I’ll also be the moderator on …

I’ve been traveling a lot lately and, although I’ve read and had lots of commentary about a number of blog posts and news article recently relating to retail security, I haven’t had the time to write them down and post them…
So I’ve decided that I’m going to post a summary of the posts and articles that I’ve read over the last week or so that I’ve thought were interesting and relevant.  This isn’t what I’d really prefer to do - I’d much rather take the opportunity to rant about something …

I walked into the office this morning and got this in my RSS feed aggregator:
VISA Provides Guidance on Secure Implementation and Management of Payment Applications [link]
After taking a look at the press release and looking through the actual document that VISA (and SANS apparently) produced [link] I think it’s a pretty interesting move on the part of VISA.  If you haven’t yet taken a look and you work for a retailer or a software vendor that sells to the retail space, I’d advise downloading the …

Hey look - another lawsuit….
Well - right now it’s just the threat of a suit…  The information is a bit thin and I’m not sure (based on the press release) whether or not this is a complaint about the software, the implementation of the software, the hardware system, or all of the above.
What it does look like is a bit of a fishing exercise by the law firms - let’s send out the press release, make it general enough that we include just about anyone that even thought about touching the …