PCI Training and Summit<br />- Training on PCI Compliance - 28-29 SEP<br />- Summit on What Works in PCI - 27 SEP<br />Location: Cesear's Palace in Las Vegas<br />

Training Roadmap - Best Practices for Payment Application Companies


Visa has outlined security best practices that acquirers, merchants and agents should review and insist their payment application vendors, integrators and resellers fully adopt in order to promote stronger security processes that go beyond Payment Application Data Security Standard (PA-DSS) compliant software. Recent payment card data compromises have demonstrated the critical need for these payment application companies to maintain mature software processes for their customers.

In an effort to help payment application companies safeguard their customers' data through the implementation of Visa's Top 10 Best Practices for Payment Application Companies, Visa has worked with The SANS Institute to deliver the most comprehensive training available at favorable rates. The table below outlines SANS-instructed courses that provide critical knowledge areas for Visa's Top 10 best practices that payment application companies should possess and continue to enhance.

Click on the course numbers at the top of the chart or any of the colored dots to find out more about each of the courses and to register for training.



Click For Upcoming Opportunities For Training

If you have additional questions or would like to discuss training solutions for larger groups, please e-mail: pci@sans.org

Topic Fundamentals - Suggested for developers and security staff who require thorough covereage of secure coding and testing practices
Language/platform specific - Select the language/platforms that match your solution
Deep dive into specific topic/language/platform - Appropriate for principal and senior level developers/security testers
Recommended for anyone implementing, managing or auditing in a PCI environment
At least one Technical program manager, compliance officer or ISO should attend in order to be able to establish internal governance standards and effective control systems to provide long term assurance.
DomainBest Practices DEV
320		 SEC
401		 MGT
411		 DEV
522		 SEC
504		 SEC
505		 AUD
507		 AUD
521		 DEV
534		 DEV
536		 DEV
541		 SEC
542		 DEV
543		 DEV
544		 DEV
545		 SEC
560
Organizational Security1Background Checks
2Software Security Training and Certification
Mature Software Development3Common SDLC
4PA-DSS compliance
Product Vulnerability Management5Application tests and code reviews
6ID applications that store critical data
Secure Implementation7Service Level Agreements for PA-DSS
8Installer / Integrator certification and training
Emerging Payment Technologies9Data encryption and tokenization
10Dynamic data solutions

Click For Upcoming Opportunities For Training

Latest Whitepapers

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Setting Up a Database Security Logging and Monitoring Program
By Jim Horwath

Latest Tweets

DFIR Webcast starts in 75 minutes - 50 Shades of Hidden - Di [...]
May 17, 2013 - 3:46 PM

New blog post by @yorikv on pen test tips for file analysis. [...]
May 16, 2013 - 5:07 PM

New Blog Post: SANS EU #DFIR Summit in Prague - Call for Spe [...]
May 16, 2013 - 12:33 AM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"It has really been an eye opener concerning the depth of security training & awareness that SANS has to offer."
- Michael Hall, Drivesavers

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"The amount of knowledge conveyed and technical diving by practical hands-on was well balanced."
- Aaron Moore, Maricopa County