This course provides a thorough introduction to the requirements that the PCI Software Security Framework (SSF) introduces. PCI SSF replaces the PCI Payment Application Data Security Standard (PA-DSS), which will be retired in October 2022, and introduces two new standards and associated validation and listing programs: the Secure Software Standard and Secure Software Life Cycle Standard.
The main goal of this course is to present the requirements that these standards introduce for creating payment software that is designed, engineered, developed, and maintained in a manner that protects payment transactions and data, minimizes vulnerabilities, and defends against attacks. Students will learn to conduct a gap analysis and create a roadmap to ensure that their software life cycle and the payment software they produce is compliant to PCI SSF. They will also gain a thorough understanding of the areas they need to focus on in order to protect the security of sensitive and payment data that is stored, processed, or transmitted by the software.
Delivery Format: eLearning
Duration: 1 hour
Level: Beginner
Intended Audience:
Prerequisites:
Software Security Governance
Design
Data Protection
Authentication and Access Control
Change and Vulnerability Management
Security Monitoring
Communication with Stakeholders
Terminal Software Security
Documentation and Implementation Guidance
Equip development teams with the skills and education to write secure code and fix issues faster