Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Security Development Lifecycle (SDL) Banned Function Calls | Main | Javascript is everywhere »

Big trouble if PCI-DSS requires CSRF

Jeremiah Grossman has a post asking the question 'what if PCI-DSS requires CSRF protection?'. Short answer, just about everybody is vulnerable (more than XSS) and making people be compliant to it is going to be almost unrealistic.

Article Link: http://jeremiahgrossman.blogspot.com/2007/03/big-trouble-if-pci-dss-requires-csrf.html

Posted by Robert A. on 03/15/2007 in Compliance , CSRF | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals