PCI DSS Secure Coding Workshop
Secure coding training from application security experts
Overview
PCI DSS Requirement 6.5
The Payment Card Industry Data Security Standard (PCI DSS) requires that organisations developing applications that handle card data secure their software against common vulnerabilities. As part of this, PCI DSS compliant organisations need to train their software developers in secure coding techniques.
Our PCI DSS Secure Coding Workshop
This is where we come in. 4ARMED’s consultants have been helping organisations implement PCI DSS since 2006. We’ve also been writing code and hacking web applications all that time, so we put it all together into an intensive half-day workshop that we can deliver on site at your office, our office or another location of your choosing.
Our PCI DSS Secure Coding training aims to give developers an understanding of the issues highlighted in PCI DSS requirement 6.5: how they manifest themselves, how hackers find them and what the impact can be. Then, most importantly, we explain how to code defensively to prevent these weaknesses. We explain what works and what doesn’t, and cover some common issues we encounter during our penetration testing engagements.
Benefits
Assurance
Security Testing helps you gain assurance over your risk. Everything should be coded and configured correctly and securely but testing provides assurance that no mistakes have been made.
Compliance
Penetration Testing is required by a number of compliance standards such as PCI DSS. Our security testing services can help you achieve or maintain compliance.
Cost Effective
Sensible rates, a pragmatic approach and recommendations that make a difference all add up to a cost effective overall solution. Take advantage of a Managed Security Testing contract and see even better return on your investment.
Continual Improvement
Each report contains a root cause analysis and, if you take a Managed Security Testing contract, we can help you implement a continuous improvement cycle focused on your specific problem areas.
What To Expect
Overview
Workshop Outline
Example Services
We are entirely flexible around what you need. It may be a long term project or just a few pointers. Here are some examples of challenges we can help with.
- Design and implement effective RBAC
- Service Mesh Implementation
- Secure non-root container builds
- Logging and Monitoring
- Secure CI/CD pipeline into your clusters
- Hardening your masters and nodes
- Pod Security Policies
- Container vulnerability scanning and patch management
- Network Policies
Requirements
There are only three requirements we have for delivering the workshop at your office:
- Projector with VGA or HDMI connector
- Power
- Internet access for our trainer
Resources
Typical Engagement Overview
Contact Us
Want to discuss your requirements further? Wondering whether Application Penetration Testing is right for your business? There's an easy way to find out: give us a call or complete the contact form below to tell us where you're at, and we will work with you to find the best solution for you.