WO2008014507A3 - Systems and methods for scoring scanning vendor performance - Google Patents

Systems and methods for scoring scanning vendor performance Download PDF

Info

Publication number
WO2008014507A3
WO2008014507A3 PCT/US2007/074725 US2007074725W WO2008014507A3 WO 2008014507 A3 WO2008014507 A3 WO 2008014507A3 US 2007074725 W US2007074725 W US 2007074725W WO 2008014507 A3 WO2008014507 A3 WO 2008014507A3
Authority
WO
WIPO (PCT)
Prior art keywords
systems
methods
vendor
scoring
scanning
Prior art date
Application number
PCT/US2007/074725
Other languages
French (fr)
Other versions
WO2008014507A2 (en
Inventor
Fernando Lourenco
Original Assignee
Mastercard International Inc
Fernando Lourenco
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from PCT/US2007/070709 external-priority patent/WO2007146772A2/en
Application filed by Mastercard International Inc, Fernando Lourenco filed Critical Mastercard International Inc
Publication of WO2008014507A2 publication Critical patent/WO2008014507A2/en
Publication of WO2008014507A3 publication Critical patent/WO2008014507A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Abstract

Systems, computing devices, and methods for qualifying scanning vendors in the payment-by-card industry are provided. The qualification of vendors can ensure compliance with security standards in the payment-by-card industry. The qualification of a vendor involves testing vendor ability to discover and identify an established set of vulnerabilities in a simulated data situation. Vendor scoring procedures involve consideration of the exploitability, severity, and weight of vulnerabilities discovered.
PCT/US2007/074725 2006-07-28 2007-07-30 Systems and methods for scoring scanning vendor performance WO2008014507A2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US83396906P 2006-07-28 2006-07-28
US60/833,969 2006-07-28
USPCT/US2007/070709 2007-06-08
PCT/US2007/070709 WO2007146772A2 (en) 2006-06-08 2007-06-08 Qualification of scanning vendors for implementing payment card industry security procedures

Publications (2)

Publication Number Publication Date
WO2008014507A2 WO2008014507A2 (en) 2008-01-31
WO2008014507A3 true WO2008014507A3 (en) 2008-11-06

Family

ID=38982424

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/074725 WO2008014507A2 (en) 2006-07-28 2007-07-30 Systems and methods for scoring scanning vendor performance

Country Status (1)

Country Link
WO (1) WO2008014507A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010148007A2 (en) * 2009-06-17 2010-12-23 Ordway Research Institute, Inc. Nanoparticle and polymer formulations for thyroid hormone, analogs, antagonists, and formulations and uses thereof
RU2627386C1 (en) * 2016-06-14 2017-08-10 Евгений Борисович Дроботун Stand for testing automated systems under conditions of malicious programs impact
RU2640629C1 (en) * 2017-04-27 2018-01-10 Евгений Борисович Дроботун Method of functioning performance evaluation of automated control systems under conditions of malicious programs impact
US10706156B2 (en) * 2017-10-13 2020-07-07 1230604 BC Ltd. Security risk identification in a secure software lifecycle
EP3671614A1 (en) * 2018-12-18 2020-06-24 Mastercard International Incorporated Computer security device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6185689B1 (en) * 1998-06-24 2001-02-06 Richard S. Carson & Assoc., Inc. Method for network self security assessment
US20040073445A1 (en) * 2002-07-01 2004-04-15 First Data Corporation Methods and systems for performing security risk assessments of internet merchant entities
US20040241627A1 (en) * 2003-03-21 2004-12-02 Raymond Delfing Method & system for providing orientation/training and controlling site access
US6901346B2 (en) * 2000-08-09 2005-05-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
US6993448B2 (en) * 2000-08-09 2006-01-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
WO2006033727A2 (en) * 2004-08-17 2006-03-30 Mastercard International Incorporated Compliance assessment and security testing of smart cards

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6185689B1 (en) * 1998-06-24 2001-02-06 Richard S. Carson & Assoc., Inc. Method for network self security assessment
US6901346B2 (en) * 2000-08-09 2005-05-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
US6993448B2 (en) * 2000-08-09 2006-01-31 Telos Corporation System, method and medium for certifying and accrediting requirements compliance
US20040073445A1 (en) * 2002-07-01 2004-04-15 First Data Corporation Methods and systems for performing security risk assessments of internet merchant entities
US20040241627A1 (en) * 2003-03-21 2004-12-02 Raymond Delfing Method & system for providing orientation/training and controlling site access
WO2006033727A2 (en) * 2004-08-17 2006-03-30 Mastercard International Incorporated Compliance assessment and security testing of smart cards

Also Published As

Publication number Publication date
WO2008014507A2 (en) 2008-01-31

Similar Documents

Publication Publication Date Title
WO2008103286A3 (en) Assessment and analysis of software security flaws
WO2008014507A3 (en) Systems and methods for scoring scanning vendor performance
WO2007079499A3 (en) Trusted host platform
WO2007120845A3 (en) Method and system for simulating state retention of an rtl design
WO2015038775A3 (en) Malware and exploit campaign detection system and method
WO2007147114A3 (en) Peripheral sharing usb hub for a wireless host
WO2015077564A3 (en) Weight generation in machine learning
WO2003067405A3 (en) Automated security threat testing of web pages
WO2009120331A3 (en) Method and system for automated testing of computer applications
WO2008038196A3 (en) Protecting interfaces on processor architectures
WO2006112989A3 (en) Preconditioning for stochastic simulation of computer system performance
WO2007133599A3 (en) Vehicle testing and simulation using integrated simulation model and physical parts
WO2013169728A3 (en) Universal device multi-function test apparatus
WO2010032249A3 (en) Power management for network-attached computing devices
WO2011139815A3 (en) System and method for authentication of input devices
WO2009016988A1 (en) Treating apparatus, center-hole working system, center-hole position deciding program, and center-hole position deciding method
FR2905497B1 (en) METHOD FOR SIMULATING THE THERMO-MECHANICAL BEHAVIOR OF A TIRE, AND APPLICATION
WO2010030450A3 (en) Method and apparatus for merging eda coverage logs of coverage data
WO2010030449A3 (en) Method and apparatus for merging eda coverage logs of coverage data
WO2012074972A3 (en) Non-destructive testing methods for fuel cell interconnect manufacturing
WO2010006132A3 (en) Network storage
WO2012142324A3 (en) Contactless test system
WO2006115639A3 (en) Hardware functionality scan for device authentication
WO2008116743A8 (en) A method and apparatus for generating a model of an object
WO2007115124A3 (en) Apparatus and method for transmitting outgoing data using data descriptors

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07813537

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 07813537

Country of ref document: EP

Kind code of ref document: A2