Maintain a Vulnerability Management Program

Topic	Replies	Views	Activity
About the Maintain a Vulnerability Management Program category	0	45	January 23, 2023
[PCI DSS 1.x] 6.1 Ensure that all system components and software have the latest vendor-supplied securit pci-dss-requirement-	6	13665	October 25, 2011
[PCI DSS 1.x] 6.5 Develop all web applications based on secure coding guidelines. such as the Open Web Application pci-dss-requirement-	1	5061	September 13, 2011
[PCI DSS 1.x] 6.5.10 Insecure configuration management pci-dss-requirement-	1	5595	August 2, 2011
[PCI DSS 1.x] 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (par pci-dss-requirement-	8	21584	May 11, 2011
[PCI DSS 1.x] 6.6 Ensure that all web-facing applications are protected against known attacks by either of the fol pci-dss-requirement-	4	6353	March 17, 2011
[PCI DSS 1.x] 5.1.1 Ensure that all anti-virus programs are capable of detecting, removing, and protecti pci-dss-requirement-	1	3895	March 4, 2011
[PCI DSS 1.x] 6.3.7 Review of custom code prior to release to production or customers in order to identify any pot pci-dss-requirement-	1	3847	September 30, 2010
[PCI DSS 1.x] 6.2 Establish a process to identify newly discovered security vulnerabilities (for example pci-dss-requirement-	2	5215	March 16, 2010
[PCI DSS 1.x] 6.3.1 Testing of all security patches, and system and software configuration changes befor pci-dss-requirement-	4	5141	November 12, 2009
[PCI DSS 1.x] 6.3 Develop software applications in accordance with PCI DSS (for example, secure authenti pci-dss-requirement-	1	3374	September 7, 2009
[PCI DSS 1.x] 6.5.7 Improper error handling pci-dss-requirement-	2	3852	June 14, 2009
[PCI DSS 1.x] 6.5.9 Denial of service pci-dss-requirement-	0	2494	March 18, 2007
[PCI DSS 1.x] 6.5.8 Insecure storage pci-dss-requirement-	0	2889	March 18, 2007
[PCI DSS 1.x] 6.5.6 Injection flaws (for example, structured query language (SQL) injection) pci-dss-requirement-	0	2688	March 18, 2007
[PCI DSS 1.x] 6.5.5 Buffer overflows pci-dss-requirement-	0	2554	March 18, 2007
[PCI DSS 1.x] 6.5.4 Cross-site scripting (XSS) attacks pci-dss-requirement-	0	2959	March 18, 2007
[PCI DSS 1.x] 6.5.3 Broken authentication and session management (use of account credentials and session cookies) pci-dss-requirement-	0	3634	March 18, 2007
[PCI DSS 1.x] 6.5.2 Broken access control (for example, malicious use of user IDs) pci-dss-requirement-	0	3574	March 18, 2007
[PCI DSS 1.x] 6.5.1 Unvalidated input pci-dss-requirement-	0	2776	March 18, 2007
[PCI DSS 1.x] 6.4.4 Back-out procedures pci-dss-requirement-	0	3103	March 18, 2007
[PCI DSS 1.x] 6.4.3 Testing of operational functionality pci-dss-requirement-	0	2745	March 18, 2007
[PCI DSS 1.x] 6.4.2 Management sign-off by appropriate parties pci-dss-requirement-	0	2755	March 18, 2007
[PCI DSS 1.x] 6.4.1 Documentation of impact pci-dss-requirement-	0	3246	March 18, 2007
[PCI DSS 1.x] 6.4 Follow change control procedures for all system and software configuration changes. The procedur pci-dss-requirement-	0	4063	March 18, 2007
[PCI DSS 1.x] 6.3.6 Removal of custom application accounts, usernames, and passwords before applications become ac pci-dss-requirement-	0	3545	March 18, 2007
[PCI DSS 1.x] 6.3.5 Removal of test data and accounts before production systems become active pci-dss-requirement-	0	2260	March 18, 2007
[PCI DSS 1.x] 6.3.4 Production data (live PANs) are not used for testing or development pci-dss-requirement-	0	5114	March 18, 2007
[PCI DSS 1.x] 6.3.3 Separation of duties between development/test and production environments pci-dss-requirement-	0	4129	March 18, 2007
[PCI DSS 1.x] 6.3.2 Separate development/test and production environments pci-dss-requirement-	0	3847	March 18, 2007