Podcasts

Selected Tag: PCI | Show All
Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global

On this episode of the Imperva Security Podcast, Richard Collins from TechSoup Global talks about using Imperva SecureSphere WAF and DAM solutions. He discusses key drivers such as sensitive data protection, securing mission-critical servers, addressing data security concerns from partners Microsoft, Adobe, and Intuit (which require their partners to have strong data security solutions), and addressing PCI.

Richard also discusses how WAF can be used as a unifying technology that brings together development and operations teams. Finally, he explains why he chose Imperva SecureSphere above competitors, and how Imperva offers the best solution for TechSoup Global by providing a superior user interface, policy management system, profiling and learning capability, architecture flexibility, and ability to integrate database and Web application protection through a single solution.

Mr. Collins is the Senior Director for Information System Security for TechSoup Global, a nonprofit organization that helps nonprofits in 31 countries around the world get and use technology to better serve their missions. In addition, TechSoup Global works with companies and foundations to optimize their philanthropic impact.

At TechSoup Global, Mr. Collins is in charge of security strategy and security policy to protect data and information systems across the organization. He is also responsible for senior project management, consulting, and coordination for all security and system-stability related projects.

Mr. Collins is currently leading several security projects including achieving PCI compliance, providing security and risk protection across the architecture stack, and embedding security into systems development, operations planning, and implementation processes.

A 20-year industry veteran, Mr. Collins has held positions ranging from programmer analyst to CIO in a wide range of industries including banking, telecommunications, publishing, and technical consulting services. Mr. Collins holds a Master's Degree in Information Systems and Telecommunications Management.

Tags: Customer, WAF, DAM, Richard Collins, TechSoup Global, Sensitive Data, Compliance, PCI

PCI by the Numbers: Survey Results Explored -- an Interview with Dr. Larry Ponemon of the Ponemon Institute

On this episode of the Imperva Security Podcast Dr. Larry Ponemon of the Ponemon Institute discusses the results of his latest PCI DSS survey. He talks about a number of fascinating and sometimes anomalistic statistics from the survey results, and shares his views and leanings. Dr. Ponemon addresses questions such as:
  • Can consumers rely on companies to protect their credit card information?
  • How has PCI affected security budgets?
  • Which PCI approaches work and which ones don't?
  • How do smart companies manage the cost and get the most out of PCI?

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

Dr. Ponemon consults with leading multinational organizations on global privacy management programs. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also appointed to two California State task forces on privacy and data security laws.

Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master's degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelor's with Highest Distinction from the University of Arizona, Tucson, Arizona.

Download: PCI DSS Survey Results (pdf)

Tags: PCI DSS, Larry Ponemon, Ponemon Institute, Survey, Compliance

Interview with Martin McKeay -- Host of the Network Security Blog and Podcast Series, and QSA

On this episode of the Imperva Security Podcast, Martin McKeay is interviewed. Martin talks about the recent Webcast from Homeland Security titled "Do the Payment card Industry Data Standards Reduce Cyber Crime." He also shares with us his perspectives on the changing security industry. Martin discusses how he got into blogging and podcasting, and gives some insight into the Network Security Blog, including some interesting history related to interviewing Imperva's Chief Security Strategist.

Martin McKeay started blogging about security in August of 2003. He took up blogging as a means to extend his knowledge and test ideas about security by putting them up for peer review. Four years later he's still at it. He works as a Senior Consultant for Trustwave, specializing in PCI assessments. He has a podcast co-hosted with Rich Mogull of Securosis. He also writes for Computerworld.

Tags: Martin McKeay, PCI, Podcaster, Network Security Blog, Network Security Podcast

Interview with Branden Williams -- QSA with VeriSign

On this episode of the Imperva Security Podcast Branden Williams is interviewed. This is a follow-up to a joint partner Webcast conducted by Imperva and VeriSign titled: PCI Validated, But Not Secure: Real Life Stories of a PCI QSA.

Branden discusses several PCI experiences from companies that just don't get it and those that get it right. He discusses the strong need to address application and database security, issues to look out for when working with your QSA, and the future of PCI.

Branden has fourteen years of experience in the security and compliance space. He is an Adjunct Professor at the University of Dallas's Graduate School of Management where he teaches in their NSA Certified Information Assurance program. He is a PCI Practice Lead with over 80 certified QSAs globally, and has led and delivered security-related assessments for clients in the financial, retail, healthcare, manufacturing, utilities, transportation, service provision, and industrial sectors. He is a Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Qualified Security Assessor (QSA), as well as a Certified Payment-card Industry Security Auditor (CPISA), and Manager (CPISM). He holds a Bachelor of Business Administration, Marketing from the University of Texas, Arlington and a Master of Business Administration, Supply Chain Mgt & Market Logistics from the University of Dallas.

Tags: Branden Williams, VeriSign, PCI, QSA, Partner

Interview with Dr. Anton Chuvakin, Director of PCI Compliance Solutions at Qualys and Recognized Security Expert & Author

On this episode of the Imperva Security Podcast, Dr. Anton Chuvakin is interviewed. Anton talks about PCI and the need for vulnerability assessments to work in concert with application and data security solutions to develop a strong security posture.

Dr. Anton Chuvakin (http://www.chuvakin.org) is the Director of PCI Compliance Solutions at Qualys and is a recognized security expert and book author. He is an author of the book "Security Warrior" and a contributor to books such as "Know Your Enemy II", "Information Security Management Handbook", "Hacker's Challenge 3", "PCI Compliance", "OSSEC HIDS" and others. Anton has also published numerous papers on a broad range of security subjects. In his spare time he blogs at http://www.securitywarrior.org. Anton has presented at many security conferences across the world; his recent speaking engagements include presenting in the United States, UK, Singapore, Spain, Canada, Poland, Czech Republic, Russia and other countries. Anton holds a Ph.D. degree from Stony Brook University.

Tags: Anton Chuvakin, PCI, Data Security
