PA DSS Training

PA-DSS Standard – Why boot camp ?

The Application which stores, processes, or transmits cardholder data as part of authorization or settlement is not eligible for validation under PA DSS, if

  1. The application is in beta version
  2. The application is developed in-house and only used by the company that developed the application
  3. The application is developed and sold to a single customer for the sole use of that customer
  4. All of the above

Cybersecurity workforce is expected to rise to 6 million by 2019, with a projected shortfall of 1.5 million

Boost your competitive advantage with this industry credential

Understand PA DSS and gain real-world insights on best practices implementation

Incubate a thought blast information security program in your organisation

Do you really need a QSA to do validate PA-DSS compliance ?

Can you choose, not to encrypt card holder data and still become PA-DSS compliant ?

Do states have laws requiring data breach notifications to the affected parties?

The true mettle of PA DSS lies in implementation and maintenance

PCI DSS may be the buzz word but there are other standards council is promoting. PA DSS falls in second to PCI DSS. The PA-DSS has indeed been branched off from the PCI-DSS standard and tailored to suite applications, which are present in the PCI-DSS environment. PA DSS is one among the matured standards in the industry to evaluate the application against, showcases the security index of your application.

PROGRAM OVERVIEW

DURATION2 Days
PA-DSS OverviewAn overview of the PA-DSS Standard will be covered in this session including the terminologies used will be discussed.
PA-DSS v3.2 – 101Overview on the PA-DSS lifecycle and the adoption of changes in technology by the PA-DSS standards will be discussed in detail.
PA-DSS RequirementsHow the PA-DSS requirements are pertinent in an environment and the various challenges, conceptions and techniques will be suggested
Current Industry Trends and ChallengesWhat are the challenges in the industry in implementing PA-DSS controls and how it overcome with commonplace technology controls.
Real Time SolutionsThe session will be interactive in conduct and will include discussion of various tools, techniques and solutions, for meeting the intent of the requirements defined in the PA-DSS standard.
QSA Opinion – Intent vs ImplementationThe session will also discuss the role of a QSA in construing the intent of the requirement while evaluating the controls which have been implemented.
ScenariosThe entire standard will be presented as scenario based analysis

PROGRAM HEURISTICS

EXPERTISE
The speakers are highly experienced QSA’s and have conducted the PA-DSS sessions worldwide and has trained professionals across various verticals.
METHOD
The session will be designed around a classroom based awareness, which will enable the teams interact with each other as a whole.
INTERACTION
The teams are requested to interact with the trainers, who have experience as a QSA having certified numerous organizations.
HANDOUTS
All the material which will be presented to the teams will be made available in the handouts given to the teams. All the extra reads and the suggested reading links and references will also be included.
TEMPLATES
The PA-DSS v3.2 standards warrants the requirements of various documents in the form of forms, approvals, justifications, change management, policies and procedures. While much of these documents are specific to each organization, a template for all the documents which are common, with respect to the PA-DSS requirements will be shared with the attendees.
PRE-READ
A pre-read of the PA-DSS standards and associated terminologies is encouraged, though not mandatory. This helps the session aim at the changes, techniques for implementation and its other core focusses, rather than focussing on the requirements themselves.
QUESTIONS
The audience are encouraged to cite real time scenarios and bottlenecks of implementation to seek the QSA advise on any impending issues.
We came to understand the standards and the approach to be taken to secure our assets,”THE DATA”
It’s always useful to look into security from security team perspective
The highlight of the workshop was the test.
It was very good , they were able to explain the standards through scenarios
X

Pop up

We use cookies and other tracking technologies to improve your browsing experience on our website, to show you personalized content and targeted ads, to analyze our website traffic, and to understand where our visitors are coming from. While using our website, we may ask you to provide us with certain personally identifiable information, that can be used to contact you about our service offerings. By browsing our website, you consent to our privacy and cookies policy.