Maintain a Vulnerability Management Program

Topic	Replies	Views	Activity
About the Maintain a Vulnerability Management Program category	0	9	January 23, 2023
[PCI DSS 1.x] 6.1 Ensure that all system components and software have the latest vendor-supplied securit pci-dss-requirement-	6	13587	October 25, 2011
[PCI DSS 1.x] 6.5 Develop all web applications based on secure coding guidelines. such as the Open Web Application pci-dss-requirement-	1	4998	September 13, 2011
[PCI DSS 1.x] 6.5.10 Insecure configuration management pci-dss-requirement-	1	5536	August 2, 2011
[PCI DSS 1.x] 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (par pci-dss-requirement-	8	21497	May 11, 2011
[PCI DSS 1.x] 6.6 Ensure that all web-facing applications are protected against known attacks by either of the fol pci-dss-requirement-	4	6297	March 17, 2011
[PCI DSS 1.x] 5.1.1 Ensure that all anti-virus programs are capable of detecting, removing, and protecti pci-dss-requirement-	1	3842	March 4, 2011
[PCI DSS 1.x] 6.3.7 Review of custom code prior to release to production or customers in order to identify any pot pci-dss-requirement-	1	3797	September 30, 2010
[PCI DSS 1.x] 6.2 Establish a process to identify newly discovered security vulnerabilities (for example pci-dss-requirement-	2	5161	March 16, 2010
[PCI DSS 1.x] 6.3.1 Testing of all security patches, and system and software configuration changes befor pci-dss-requirement-	4	5097	November 12, 2009
[PCI DSS 1.x] 6.3 Develop software applications in accordance with PCI DSS (for example, secure authenti pci-dss-requirement-	1	3325	September 7, 2009
[PCI DSS 1.x] 6.5.7 Improper error handling pci-dss-requirement-	2	3807	June 14, 2009
[PCI DSS 1.x] 6.5.9 Denial of service pci-dss-requirement-	0	2456	March 18, 2007
[PCI DSS 1.x] 6.5.8 Insecure storage pci-dss-requirement-	0	2835	March 18, 2007
[PCI DSS 1.x] 6.5.6 Injection flaws (for example, structured query language (SQL) injection) pci-dss-requirement-	0	2643	March 18, 2007
[PCI DSS 1.x] 6.5.5 Buffer overflows pci-dss-requirement-	0	2508	March 18, 2007
[PCI DSS 1.x] 6.5.4 Cross-site scripting (XSS) attacks pci-dss-requirement-	0	2891	March 18, 2007
[PCI DSS 1.x] 6.5.3 Broken authentication and session management (use of account credentials and session cookies) pci-dss-requirement-	0	3586	March 18, 2007
[PCI DSS 1.x] 6.5.2 Broken access control (for example, malicious use of user IDs) pci-dss-requirement-	0	3508	March 18, 2007
[PCI DSS 1.x] 6.5.1 Unvalidated input pci-dss-requirement-	0	2714	March 18, 2007
[PCI DSS 1.x] 6.4.4 Back-out procedures pci-dss-requirement-	0	3061	March 18, 2007
[PCI DSS 1.x] 6.4.3 Testing of operational functionality pci-dss-requirement-	0	2698	March 18, 2007
[PCI DSS 1.x] 6.4.2 Management sign-off by appropriate parties pci-dss-requirement-	0	2714	March 18, 2007
[PCI DSS 1.x] 6.4.1 Documentation of impact pci-dss-requirement-	0	3198	March 18, 2007
[PCI DSS 1.x] 6.4 Follow change control procedures for all system and software configuration changes. The procedur pci-dss-requirement-	0	4007	March 18, 2007
[PCI DSS 1.x] 6.3.6 Removal of custom application accounts, usernames, and passwords before applications become ac pci-dss-requirement-	0	3505	March 18, 2007
[PCI DSS 1.x] 6.3.5 Removal of test data and accounts before production systems become active pci-dss-requirement-	0	2226	March 18, 2007
[PCI DSS 1.x] 6.3.4 Production data (live PANs) are not used for testing or development pci-dss-requirement-	0	5069	March 18, 2007
[PCI DSS 1.x] 6.3.3 Separation of duties between development/test and production environments pci-dss-requirement-	0	4070	March 18, 2007
[PCI DSS 1.x] 6.3.2 Separate development/test and production environments pci-dss-requirement-	0	3798	March 18, 2007