HITRUST is becoming increasingly required by organizations to ensure robust protection of sensitive data. Manage third-party risk effectively.
Discover the answers you need as an acquirer to navigate new PCI updates, PCI program questions, and merchant concerns.
The main purpose of a penetration test is to stay one step ahead of the bad guys by finding your weaknesses with the help of experts exploring your mobile app and supporting systems.
Understanding the role of an ISO in the payment process can be tricky. This blog outlines the most frequently asked questions surrounding ISOs and their pros and cons.
This blog post is for anybody who's interested in external pen testing basics, the types of things found when pen testing, and the process that you go through when completing them.
This blog explores the main ideas from the webinar “How to Protect Your Ecommerce Website Against Eskimming,” and the latest threats attacking the e-commerce space.
When it comes to your business, choosing the right, knowledgeable partner can make all the difference in preventing audit fatigue.
There’s no need to put up with a PCI program that isn’t meeting your expectations.
This blog is a summary and compendium to the SecurityMetrics’ Webinar “How to Protect Your Ecommerce Website Against Skimming”, hosted by Matt Heffelfinger and Aaron Willis.
Read this blog to understand the methodology, scope, and best practices for conducting effective web application penetration testing.
In this blog, you’ll learn about the fundamental aspects of HITRUST Certification, as well as receive answers to frequently asked questions about CSF HITRUST.
Here are a few variables that will affect the overall cost of PCI compliance.
Since 2014, Infosend has partnered with SecurityMetrics to meet their PCI compliance needs, ensuring their processes remain secure and their clients’ data is protected.
For 2024, our guide remains one of the best resources to use as you achieve PCI DSS compliance for your organization. It covers each requirement with clarity and thoroughness.
Check out some of the top cybersecurity conferences and events to attend in 2025 - 2026
About four years ago, Vita Companies decided to pursue HITRUST certification to differentiate themselves in the market.
Learn how to comply with PCI DSS 4.0 Requirement 8, focusing on multi-factor authentication (MFA) and password management.
Merchants that rely on a PCI compliance program to stay compliant and protect their business often find themselves dissatisfied or frustrated by all kinds of problems including lack of support, expensive contracts, and many more.
SecurityMetrics has seen a dramatic increase in attacks specifically on ecommerce sites using iFrames to host a payment page from a 3rd party service provider.
In this case study, Anedot works with SecurityMetrics to better secure their cybersecurity infrastructure and to reach PCI DSS 4.0 compliance.
While there are various types of penetration tests like external, web application, or mobile, this blog will focus on internal tests and why they matter.
This article covers the Self-Assessment Questionnaire (SAQ) for Software-based PIN entry.
The PCI Security Standards Council (PCI SSC) recently published a limited revision to the PCI DSS in the form of v4.0.1.
.svg)
