WO2008014507A3 - Systems and methods for scoring scanning vendor performance - Google Patents
Systems and methods for scoring scanning vendor performance Download PDFInfo
- Publication number
- WO2008014507A3 WO2008014507A3 PCT/US2007/074725 US2007074725W WO2008014507A3 WO 2008014507 A3 WO2008014507 A3 WO 2008014507A3 US 2007074725 W US2007074725 W US 2007074725W WO 2008014507 A3 WO2008014507 A3 WO 2008014507A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- systems
- methods
- vendor
- scoring
- scanning
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
Abstract
Systems, computing devices, and methods for qualifying scanning vendors in the payment-by-card industry are provided. The qualification of vendors can ensure compliance with security standards in the payment-by-card industry. The qualification of a vendor involves testing vendor ability to discover and identify an established set of vulnerabilities in a simulated data situation. Vendor scoring procedures involve consideration of the exploitability, severity, and weight of vulnerabilities discovered.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US83396906P | 2006-07-28 | 2006-07-28 | |
US60/833,969 | 2006-07-28 | ||
USPCT/US2007/070709 | 2007-06-08 | ||
PCT/US2007/070709 WO2007146772A2 (en) | 2006-06-08 | 2007-06-08 | Qualification of scanning vendors for implementing payment card industry security procedures |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2008014507A2 WO2008014507A2 (en) | 2008-01-31 |
WO2008014507A3 true WO2008014507A3 (en) | 2008-11-06 |
Family
ID=38982424
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/074725 WO2008014507A2 (en) | 2006-07-28 | 2007-07-30 | Systems and methods for scoring scanning vendor performance |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008014507A2 (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010148007A2 (en) * | 2009-06-17 | 2010-12-23 | Ordway Research Institute, Inc. | Nanoparticle and polymer formulations for thyroid hormone, analogs, antagonists, and formulations and uses thereof |
RU2627386C1 (en) * | 2016-06-14 | 2017-08-10 | Евгений Борисович Дроботун | Stand for testing automated systems under conditions of malicious programs impact |
RU2640629C1 (en) * | 2017-04-27 | 2018-01-10 | Евгений Борисович Дроботун | Method of functioning performance evaluation of automated control systems under conditions of malicious programs impact |
US10706156B2 (en) * | 2017-10-13 | 2020-07-07 | 1230604 BC Ltd. | Security risk identification in a secure software lifecycle |
EP3671614A1 (en) * | 2018-12-18 | 2020-06-24 | Mastercard International Incorporated | Computer security device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6185689B1 (en) * | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
US20040073445A1 (en) * | 2002-07-01 | 2004-04-15 | First Data Corporation | Methods and systems for performing security risk assessments of internet merchant entities |
US20040241627A1 (en) * | 2003-03-21 | 2004-12-02 | Raymond Delfing | Method & system for providing orientation/training and controlling site access |
US6901346B2 (en) * | 2000-08-09 | 2005-05-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
US6993448B2 (en) * | 2000-08-09 | 2006-01-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
WO2006033727A2 (en) * | 2004-08-17 | 2006-03-30 | Mastercard International Incorporated | Compliance assessment and security testing of smart cards |
-
2007
- 2007-07-30 WO PCT/US2007/074725 patent/WO2008014507A2/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6185689B1 (en) * | 1998-06-24 | 2001-02-06 | Richard S. Carson & Assoc., Inc. | Method for network self security assessment |
US6901346B2 (en) * | 2000-08-09 | 2005-05-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
US6993448B2 (en) * | 2000-08-09 | 2006-01-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
US20040073445A1 (en) * | 2002-07-01 | 2004-04-15 | First Data Corporation | Methods and systems for performing security risk assessments of internet merchant entities |
US20040241627A1 (en) * | 2003-03-21 | 2004-12-02 | Raymond Delfing | Method & system for providing orientation/training and controlling site access |
WO2006033727A2 (en) * | 2004-08-17 | 2006-03-30 | Mastercard International Incorporated | Compliance assessment and security testing of smart cards |
Also Published As
Publication number | Publication date |
---|---|
WO2008014507A2 (en) | 2008-01-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2008103286A3 (en) | Assessment and analysis of software security flaws | |
WO2008014507A3 (en) | Systems and methods for scoring scanning vendor performance | |
WO2007079499A3 (en) | Trusted host platform | |
WO2007120845A3 (en) | Method and system for simulating state retention of an rtl design | |
WO2015038775A3 (en) | Malware and exploit campaign detection system and method | |
WO2007147114A3 (en) | Peripheral sharing usb hub for a wireless host | |
WO2015077564A3 (en) | Weight generation in machine learning | |
WO2003067405A3 (en) | Automated security threat testing of web pages | |
WO2009120331A3 (en) | Method and system for automated testing of computer applications | |
WO2008038196A3 (en) | Protecting interfaces on processor architectures | |
WO2006112989A3 (en) | Preconditioning for stochastic simulation of computer system performance | |
WO2007133599A3 (en) | Vehicle testing and simulation using integrated simulation model and physical parts | |
WO2013169728A3 (en) | Universal device multi-function test apparatus | |
WO2010032249A3 (en) | Power management for network-attached computing devices | |
WO2011139815A3 (en) | System and method for authentication of input devices | |
WO2009016988A1 (en) | Treating apparatus, center-hole working system, center-hole position deciding program, and center-hole position deciding method | |
FR2905497B1 (en) | METHOD FOR SIMULATING THE THERMO-MECHANICAL BEHAVIOR OF A TIRE, AND APPLICATION | |
WO2010030450A3 (en) | Method and apparatus for merging eda coverage logs of coverage data | |
WO2010030449A3 (en) | Method and apparatus for merging eda coverage logs of coverage data | |
WO2012074972A3 (en) | Non-destructive testing methods for fuel cell interconnect manufacturing | |
WO2010006132A3 (en) | Network storage | |
WO2012142324A3 (en) | Contactless test system | |
WO2006115639A3 (en) | Hardware functionality scan for device authentication | |
WO2008116743A8 (en) | A method and apparatus for generating a model of an object | |
WO2007115124A3 (en) | Apparatus and method for transmitting outgoing data using data descriptors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07813537 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
NENP | Non-entry into the national phase |
Ref country code: RU |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07813537 Country of ref document: EP Kind code of ref document: A2 |