• Dodge Data Breaches with Real-Time PCI Compliance

    Aaron Reynolds, VP, Cyber Assurance – Payments, Coalfire

    It’s been five years since the PCI Council released the first “Best Practices for Maintaining PCI DSS Compliance” guidance document in August 2014. Since then, many prominent payment data breaches have occurred, with the finger often pointing to lapses in the affected organization’s compliance program for the PCI DSS.

• When Checking the Box Results in Two Zero Days and Root (CVE-2019-14257 and CVE-2019-14258)

    Jakob Nelson, Associate, Coalfire Labs

    Finding new bugs and exploiting them can be exciting and fun for a penetration tester. I was ecstatic to find my first two zero-days, and I used them to break a system from no access to root. This was a good day for me – but the story behind the story provides some real lessons enterprises can apply to their security programs.
