Watchfire Certified as PCI Security Standards Council Approved Scanning Vendor
Well, this is a good news for all the folks in the PCI compliance business. Watchfire has been certified as a PCI scanning vendor. Quoting the press release:
WALTHAM, MA – March 12, 2007 – Watchfire, the market leading provider of web application security software and services, announced today that its AppScan® product has successfully completed the PCI Security Standards Council Approved Scanning Vendors testing process and is validated as compliant with the Payment Card Industry Data Security Standard (PCI DSS). Watchfire is the only web application security testing software vendor to earn PCI certification and can perform PCI scans to help validate the security of its customers’ websites according to the Payment Card Industry Data Security Standard.
I wonder when SPI Dynamics will follow, because I’m a big fan of WebInspect 
Thank you for reading this post. You can now Read Comment (1) or Leave A Trackback.
Print This Post
Post Info
This entry was posted on Sunday, March 18th, 2007 . Tagged with:You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Month of PHP Bugs – Day 10 »
Next Post: Web App Audit in 3 easy steps – powered by SANS »
Read More
Related Reading:- My Twitter Notes on 2010-07-25
- New NetWitness Visualize : Welcome To The Future!
- My Twitter Notes on 2010-07-18
- My Twitter Notes on 2010-07-11
- My Twitter Notes on 2010-06-27
- Qualys and Imperva Integration: Natural Evolution
- My Twitter Notes on 2010-06-20
- Pro CERT – First Romanian Commercial CERT
- GFI EventsManager 2010 Review
- My Twitter Notes on 2010-06-13
March 18th, 2007 21:58
Hi there. SPI is working to have our WebInspect Direct and assessment services group PCI certified. This is similar to what Watchfire has done but was misleading in their press release with regard to PCI. The PCI group has made it pretty clear that products won’t be certified and they only certify services organizations (as it should be, no single product could ever effectively verify PCI compliance and it’s really the realm of services organizations who might use tools like WebInspect).