3 min read
Why did my PCI DSS Scope Explode?
It can be extremely frustrating for a compliance team to realize that additional systems are in-scope. It means additional and unexpected security...
12 min read
This Week's [in]Security - Issue 230
Welcome to This Week’s [in]Security. SSF faqs, firewalls, Storing CVV. New breaches: Microsoft Power Apps: IndiaMart, Imavex. New Ransomware:...
4 min read
Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values
Card Not Present Security Codes/Values are the 3 and 4 digit printed numbers on your payment cards used to verify card-not-present transactions. PCI...
13 min read
This Week's [in]Security - Issue 229
Welcome to This Week’s [in]Security. Big-Hacks: T-Mobile. New breaches: Terrorist Watchlist, US census, Baby monitors and cams, Chase, HVAC as a...
2 min read
Our Offensive Security Hiring Process
Control Gap is expanding our Offensive Security team and looking for talented individuals. To ensure that we have the right team, we needed a better...
14 min read
This Week's [in]Security - Issue 228
Welcome to This Week’s [in]Security. PCI SSF vs PA-DSS, Scoping Cloud, Cooperation, PCI Back to Basics Series, MageCart, Free Card Dump, No stripes....
15 min read
This Week's [in]Security - Issue 227
Welcome to This Week’s [in]Security. Community Meeting, Featured FAQs, PCI, MageCart, & JavaScript, Python PyPI library skimmer, Payment APIs. New...
8 min read
The DSS, MageCart, and the DOM – Part 3 e-Commerce Skimming
Cyberattacks and data breaches have risen dramatically in recent years and no industry or organization is immune to these attacks. Merchants,...
6 min read
The DSS, MageCart, and the DOM – Part 2 Browsers, the DOM, and 3rd Party JavaScript
In part two of our series, we take a deeper dive into how JavaScript works and its implications to web and e-commerce security and compliance. This...