Virtual

Managing Open Source Vulnerabilities for PCI DSS Compliance

PCI DSS version 4.0 contains a host of new practices that will become requirements on March 31, 2025. In this talk, we focus on a change that looks — at first glance — to be minor, but in reality could have significant implications for Application Security teams: the requirement to manage all internal vulnerabilities, regardless of criticality.

We’ll focus on how to address open source software (OSS) vulnerabilities, including:

  • What it means to “manage vulnerabilities”
  • Why OSS presents the greatest risk to compliance with this new requirement
  • The security tool problem preventing organizations from addressing OSS risk
  • Getting accurate dependency inventories and prioritizing remediation
  • Setting up guardrails to ensure developers select safe OSS dependencies
Date
June 18, 2024
Time
9:00am - 9:30am PT
Location

Sign up now

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Event Overview

Schedule

No items found.

Heading

No items found.

Want to stay in the loop?

Sign up for our newsletter.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.