Protecting Cardholder Data Through Open Source Scanning
Regulatory requirements in the payment card industry are changing for software vendors that develop payment applications.
Given that the availability and use of open source components are on the rise, with no indication of slowing down, the possibility that a developer could use components with known vulnerabilities increases.
What else is on the rise? Security breaches.
This white paper gives an overview of the security standards published by the Payment Card Industry Security Standards Council (PCI SSC), the role of Software Composition Analysis (SCA) in helping software development companies achieve compliance through continuous open source scanning, and the role of people, processes and technology in managing the software supply chain.