-
"IM-8: Restrict the exposure of credential and secrets" states that storing keys utilized by the service is supported, which is inaccurate. Key Vault stores keys, yes, but that is not what this benchm…
-
```
What is the expected output? What do you see instead?
The current version only displays the last four digits of the credit/debit
primary account number (PAN).
Under the PCI DSS, OpenDLP is al…
-
```
Hi Andrew,
Thanks for the 4.0 update. The product is coming together nicely.
A new VM would be a great idea. Also some instructions on how to put the pieces
together(It took my half a day to fi…
-
Hi! I need to deal with http parameter which have been zipped (deflate algorithm) and then base64-encoded.
Is it possible to implement transformation function to deflate (t:unzipDeflate) ?
What I n…
-
Project : t
Job : Default
Env : Default
Category : InvalidAuth
Tags : [OWASP A2, OWASP A5, OWASP A6, OWASP A7, [PCI DSS 3.0] 6.5.8, [PCI DSS 3.0] 6.5.10, OTG-AUTHN-004, FX Top 10 - API V…
-
**Acceptance criteria:**
- Go through PCI compliance doc provided by GCP
- Look for the mandatory requirements
- Specifically check for kubernetes namespace and its impacts on PCI audit
-
Project : TestingBanking1
Job : Default
Env : Default
Category : null
Tags : null
Severity : null
Region : US_WEST_2
Result : fail
Status Code : 200
Headers : {X-Content-T…
-
Project : TestingBanking1
Job : Default
Env : Default
Category : null
Tags : null
Severity : null
Region : US_WEST_2
Result : fail
Status Code : 200
Headers : {X-Content-T…
-
```
Certain certifications, such as PCI-DSS, mandate that sensitive
information cannot be persisted, including in log files. If a credit card
number or CVV, for example, fails input validation, the…
-
```
Certain certifications, such as PCI-DSS, mandate that sensitive
information cannot be persisted, including in log files. If a credit card
number or CVV, for example, fails input validation, the…