Hi SC-L, We put out a little freebie here that you might find useful in your dev shop if you are subject to PCI. Feedback is welcome:
Foundstone Professional Services, a Division of McAfee, has recently released a free 2-hour computer based training entitled "PCI DSS v1.1 Compliance for Developers." This hype-free CBT focuses on the PCI DSS requirements and sub-requirements that are most relevant to software developers and offers developer-to-developer technical advice to help achieve compliance. Software security best practices are also stressed throughout the presentation. This is not an advertisement for McAfee products or Foundstone services, just solid information that will help your development teams create more secure software. You can obtain the CBT at this link: https://www.foundstone.com/us/resources/downloads/pci_compliance_developers.zip The 38MB download requires Flash and is SCORM-compliant so you can easily integrate it into your existing e-Learning system. If you want a higher-quality version please let me know off-list. Disclosure: I work for Foundstone. Regards, Roman Hustad _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
