PCI-DSS-WTF? presented at OWASP New Zealand Day 2020

by Peter Jakowetz

Summary: The PCI-DSS standard is a pretty big document, and contains a lot of information, but what does a developer need to know from there to get their job done?

This talk discusses the following:

- Summary of what's in the PCI-DSS
- Summary of why it's important, and that it is really just a minimum standard for good practice
- How it compares to other standards
- What the different acronyms mean (SAQ, AOC, ROC etc)
- What are the key bits for developers
- What testing can developers do to make this work for them
- What can be automated by developers to make this work for them
- How do you benefit by meeting the standard