Webinar and Q&A Session:

CoalFire Chimes in on 6.4.3 and 11.6.1 

Go with the Payment Flow 

April 11th, 2024

2:00 - 3:00 PM EST

That's all folks - PCI DSS 3.2.1 is a thing of the past and 4.0 now rules the land. One of the most talked-about and concerning changes for merchants and their QSA partners is the requirement for eSkimming security controls under 6.4.3 and 11.6.1.

As a PPO and the pioneer in eSkimming security, Source Defense has spent the past year engaging with hundreds of the world's QSACs and thousands of merchants. We've heard their concerns, their questions and their calls for clarification on key points of the requirements. 

To remove ambiguity, help the community better understand scope, and lay out a roadmap for success, we recently engaged CoalFire to chime in with their thoughts on scope, on how best to address the requirements, and even to assess the Source Defense approach! 

Join us on April 11th for a webinar that will dig into CoalFire's thoughts and answer the questions you have! REGISTER NOW! 

What will you learn?

We'll dig deep into the requirements found in 6.4.3 and 11.6.1. We'll look at CoalFire's view on what is really in scope and on the shared responsibilities of Merchants, PSPs and eCommerce platform providers, review their guidance on how best to address the issues at hand, and dig into their thoughts on the Source Defense approach.

Key Takeaways:

  • Background - gain a deep understanding of the eSkimming threat, how the modern website is at risk, and recent changes in adversary tradecraft that make addressing the problem a paramount concern  
  • Clarification - remove any ambiguity on scope and get to the heart of what the standard is mandating - protection of payment flows - not just "payment pages"  
  • Guidance - get an honest assessment of various approaches to addressing the eSkimming threat, along with a roadmap that can help QSAs and merchants work through the process 
  • Expanded Thinking - learn how adopting a risk-based approach to your PCI DSS compliance requirements can help address broader data privacy compliance requirements
  • A 3rd Party Opinion - walk away with thoughts from one of the world's most respected QSACs on all things eSkimming - including their assessment of the Source Defense approach 
  • The Full Whitepaper - we'll present the findings of the paper in this session, provide a chance for interactive Q&A and leave you with a full copy of the whitepaper to read on your own  

Seats will fill fast, so register now and take control of your PCI DSS compliance!