Industry Leaders Say Complementary Controls Key to Real Security

Stamford, CT, May 22, 2008: As the June 30th deadline approaches, merchants, banks, card processors, and service providers are trapped between the necessity of complying with PCI-mandated web application security regulations and the need to secure their systems properly.

In accordance with Section 6.6 of the new PCI DSS requirements, organizations must either complete a full software code review of all of their Web Applications or deploy a web application firewall by June 30.  According to Ounce Labs, Protegrity, and new research from the PCI Knowledge Base, to achieve real security, companies need to do both. 

A complimentary webcast being held on May 28, 2008 at 1:00 pm EST featuring security experts from Protegrity and Ounce Labs will provide realistic guidance on devising and deploying a web application security plan designed to enable PCI compliance and achieve real security that dovetails with business and operational requirements. 

“Code analysis or web application firewalls alone will not provide an adequate level of security,” said Dave Taylor, founder of the PCI Knowledge Base.  “A combination of the two is needed to really protect web applications.  If organizations implement one, but not the other by the June 30th deadline, they will be in compliance.  But they will not be secure.”

“The significant and growing threat of application attacks means that application security should be a high priority for any organization with Web applications,” said Claudia Dent, Senior VP of Product Management at Ounce Labs. “Source-level analysis is required because a majority of customer credit information exposures occur as a result of issues with access control, authorization, and data storage/transmission which are problems often found only within the application source code itself. Performing a code review is an essential piece of any comprehensive application security strategy.”

“Web applications are increasingly under attack by malicious hackers,” said Phil Dinsmore, General Manager of Web Application Security at Protegrity.  “Web application firewalls that detect and prevent those attacks are an integral part of a multi-tiered approach to web application security.”

The webcast will enable companies, press, and analysts to leverage the extensive real-world customer experience of the presenters to understand how leading companies are protecting their web applications, and how Web Application Firewalls and Security Source Code Analysis provide different and complementary controls.

Register for the webcast at:
https://www302.livemeeting.com/lrs/0000014345/Registration.aspx?pageName=kq2rzvfpqhj6226j

ABOUT PROTEGRITY
Protegrity delivers centralized data security management solutions that protect sensitive information from acquisition to deletion across the enterprise.  Protegrity’s customers maintain complete protection over their data and business by employing software and solutions specifically designed to encrypt data, safeguard web applications, and manage and report on security policy. 

The company’s singular focus is on developing solutions that protect data.  Protegrity employees are security technology specialists with deep expertise in encryption, key management, web application firewalls and security policy in distributed environments. Maximize security with minimal business impact with Protegrity’s Defiance® Suite, the high performance, transparent solution optimized for the dynamic enterprise.

To learn more, visit www.protegrity.com or call 203.326.7200

Protegrity and Defiance are either registered trademarks or trademarks of Protegrity Corporation.  All other trademarks are the property of their respective owners.

About Ounce Labs, Inc.
Ounce Labs’ industry-leading source code analysis solutions enable organizations to analyze their applications to identify, prioritize and eliminate software security vulnerabilities. Ounce delivers the accuracy, immediate time-to-value, and automated workflow that large enterprises demand while helping organizations such as EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Government Accountability Office, Unisys and VeriSign, to strengthen application security and protect confidential information. Ounce also helps organizations to verify compliance with internal policies and industry mandates including PCI DSS, FISMA, HIPAA and others. For more information, please visit www.ouncelabs.com.

For further information, contact:
Steven Blinn
BlinnPR
212-675-4777
steven@blinnpr.com

Paul Giardina
Protegrity
203-326-7200
paul.giardina@protegrity.com

Peter Crosby
Ounce Labs
781.547.7012
peter.crosby@ouncelabs.com