- 博客(101)
- 收藏
- 关注
RSS订阅原创 PCI SSC推出PIN合规服务商列表计划
2025年5月,支付卡行业安全标准委员会(PCI SSC)正式推出PIN合规服务商列表计划(PIN Listing Program),旨在为产业相关机构识别和/或选择已验证符合PCI PIN安全标准的服务提供商的资源。作为PCI SSC授权的合格PIN评估机构(QPA:Qualified PIN Assessor),atsec可协助已完成PCI PIN合规评估的机构提交相关材料(合规证明AOC和厂商发布协议VRA等文件),从而将通过审核的服务商信息公开在PCI SSC官网的列表中。
2025-05-28 15:36:25
232
原创 22 Years of Good Luck and Hard Work
As atsec information security corporation celebrates its 22nd anniversary today, many of us took a moment to reflect on the journey so far. Our good friend and former colleague, Ken
2025-05-26 14:20:14
602
原创 atsec圆满完成2025年5月北京站PCI培训
来自于卡组织、银行、支付服务提供商、商户(如航空、游戏、电子商务领域)、硬件厂商等诸多机构从事支付安全或风险工作的同仁齐聚北京,参加了本次研讨会,分享了安全合规和风险处置的经验。
2025-05-26 14:19:38
191
原创 Now is the Time: Embracing the ACMVP at a Critical Crossroads
The ACMVP will arrive much sooner than expected.
2025-05-19 08:40:49
633
原创 BSI’s Study Analyzing RBG Usage in Browsers
atsec conducted a study for the BSI on the use of RBGs in internet browsers.
2025-04-25 08:22:45
566
原创 Highlights from ICMC 2025
ICMC 2025 wrapped up last week, and it was both informative and entertaining.
2025-04-17 08:47:39
772
原创 ICMC 2025 has Kicked Off!
The ICMC is here once again, and there’s so much to learn!
2025-04-09 11:06:51
590
原创 ENISA Announces Protection Profile for 3D House Printers
Advances in 3D printing have necessitated a new set of security standards.
2025-04-01 13:44:47
661
原创 Digging into some FIPS ‘n’ Chips
atsec’s FIPS ‘n’ Chips crypto module bootcamp wrapped up this week, and it was a blast!
2025-03-31 08:36:06
646
原创 Developing the Future at the EU Cyber Acts Conference
atsec recently attended and spoke at the EU Cyber Acts Conference!
2025-03-28 08:25:31
351
原创 支付页面安全与E-Skimming防护----浅谈PCI DSS v4.0.1要求6.4.3与11.6.1的实施
电子商务中支付页面安全尤为重要,而E-Skimming攻击通过注入恶意脚本窃取支付信息威胁日益加剧。PCI DSS要求6.4.3关注于脚本的授权、完整性验证和清单管理,要求11.6.1强调检测和响应未经授权的修改,协助机构防范相关安全风险。
2025-03-26 11:01:40
988
原创 A Glimpse of the Future: NIST’s KEM Workshop
NIST held a workshop on the future of Key Encapsulation Mechanisms (KEMs), featuring several interesting proposals.
2025-03-14 10:34:47
739
原创 Happy International Women’s Day
atsec information security wishes all women a wonderful International Women’s Day.
2025-03-10 10:06:08
204
原创 FIPS ‘n’ Chips Crypto Module Bootcamp
atsec and UT Austin are excited to host the second Crypto Module Bootcamp, free for all participants!
2025-03-04 08:45:25
961
原创 Exciting News: The Publication of ISO/IEC 19790:2025 and ISO/IEC 24759:2025
The cryptographic module validation community has been eagerly anticipating this moment!
2025-03-03 09:19:54
760
原创 atsec Becomes the First Accredited EUCC Conformity Assessment Body
atsec is the first accredited EUCC Conformity Assessment Body!
2025-03-03 07:44:52
831
原创 atsec成为首家获得认可的EUCC合格评定机构
atsec荣幸地宣布成为了新的欧盟通用评估准则(EUCC:EU Common Criteria)认证体系的首家获得认可的合格评定机构(CAB:conformity assessment body)。凭借此项认可,atsec能够为实质性和高1 保障级别(Substantial and High assurance level)提供认证和评估服务,并在认证后提供合规支持。
2025-02-21 12:23:32
335
原创 atsec Adds GSMA MDSCert Evaluations to its Service Offerings
atsec now offers MDSCert evaluations for mobile device vendors!
2025-02-20 09:07:51
502
原创 CST Newsletter February 2025
Dive into our February CST newsletter for the latest CMVP updates and more.
2025-02-20 09:07:37
609
原创 PCI PIN标准近期更新及动态分享
随着支付产业内的技术发展,PCI PIN标准一直在动态地演进。在2024年里,PCI标委会通过更新Technical FAQ文档以及定期召开QPA网络研讨会的方式,对出现的新技术方案提出了相应安全要求,对实际评估过程中遇到的具体问题做了相关澄清和解读。笔者将会从如下几个方面来和大家分享相关的更新。
2025-02-10 15:43:50
655
原创 atsec’s Common Criteria Services
Get the ball rolling on a Common Criteria evaluation with our helpful presentation.
2025-01-17 14:34:48
218
原创 针对云加密机PCI PIN标准要求及其实践
近年来,随着云计算技术的深入应用,多家云服务提供商和加密机制造商推出了“HSM as a Service”的服务,通常也会被称为云加密机服务。其带来的便利性和灵活性吸引着越来越多支付行业内的厂商(包括支付交易处理厂商,终端制造商等)考虑使用“HSM as a Service”方案来实现PIN交易系统、密钥注入系统等。
2025-01-17 14:31:16
557
原创 Happy Birthday, atsec!
On January 11th 2025, atsec celebrates 25 years in business.
2025-01-13 10:10:05
202
原创 Happy Holidays from atsec!
Happy holidays and a happy New Year from atsec!
2024-12-20 15:03:42
111
原创 现代网络架构PCI DSS合规范围确定和网络分割措施实施探讨
本文档主要探讨云环境和现代网络架构的分割控制,并为有关组织提供如何将传统网络安全原则适用于具有动态性和分布式特性的现代网络架构环境的建议,以支持组织更好的符合 PCI DSS标准要求。
2024-11-29 21:41:16
1112
原创 Final Call to Submit for Interim Validation
The CMVP is moving back to its normal certification process, which means interim submissions are being closed.
2024-11-28 09:04:49
323
原创 atsec at the PCI Community Meeting 2024
The PCI (Payment Card Industry) Security Standards Council had its 2024 Asia-Pacific Community Meeting in Hanoi, Vietnam from the 20th to the 21st of November, and atsec both hosted a booth and gave a presentation at the conference.
2024-11-26 09:03:49
320
原创 atsec at the CCUF and ICCC24 in Qatar
This last Sunday, members of theCommon Criteria User Forum(CCUF) gathered in Qatar for the 26thCCUF Workshop to discuss several pertinent topics, including the ISO updates, iTC support, and the CCRA.
2024-11-05 15:16:47
923
原创 Strengthening IoT Security: The Role of SESIP Certification
The rapid expansion of the Internet of Things (IoT) revolutionized industries, cities, and homes, connecting billions of devices to streamline operations and enhance everyday life.
2024-10-10 08:57:37
1141
原创 ICMC 2024 Update
It was nice to see our colleagues, partners, and friends in person at the ICMC 2024 in San Jose;
2024-10-10 08:57:10
180
原创 PCI支付卡产业第三方服务供应商TPSP的管理与实践
本文主要探讨如何识别在PCI DSS审核范围内的第三方服务提供商(TPSP),并且分享从引入TPSP到日常管理TPSP的一系列最佳实践方法,以达到PCI DSS的合规要求,最终确保持卡人数据得到有效保护。
2024-10-08 20:48:51
1092
原创 The NCCoE’s Automation of the CMVP
The NCCoE presented an update for the Automated CMVP at ICMC 2024 – we have a bit more detail on atsec’s involvement!
2024-09-23 09:28:51
853
原创 ICMC 2024 has Arrived, and We’ll See You There
It’s finally time for the International Cryptographic Module Conference this year! ICMC 2024 will perhaps be the most energized ICMC to date, as post-quantum cryptography (PQC)
2024-09-19 09:13:21
1016
原创 Exciting Milestone: First atsec Cybersecurity Certificates Issued for Common Criteria
We are thrilled to announce that atsec’s Certification Body (CB) officially issued its first cybersecurity certificates for Common Criteria.
2024-08-29 10:34:27
668
原创 atsec出席2024 PCI社区会议
atsec将参加2024年11月20日和21日在越南河内举行的支付卡产业安全标准委员会(PCI SSC: Payment Card Industry Security Standards Council)亚太社区会议,并与往年一样设置展位。
2024-08-27 14:36:30
295
原创 First Post Quantum Cryptographic Algorithm Certificates Issued
NIST published the final version of FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) on August 13, 2024, making the first post-quantum cryptographic (PQC) algorithms official and wrapping up an eight-year effort to prepare us.
2024-08-19 09:53:14
1181
原创 atsec再次成为2024-2026年度的PCI GEAR成员
atsec自2018年PCI GEAR成立之初就加入了PCI GEAR。2024年,atsec是PCI GEAR的33个成员之一,致力于在全球范围内保护支付数据。作为战略合作伙伴,圆桌会议成员代表评估者社区为PCI安全标准委员会(SSC:Security Standards Council)的计划和项目带来了产业、地域性和技术性的见解。
2024-08-15 09:11:27
849
原创 atsec增加Swift CSP评估资质
atsec信息安全评估员现已被Swift列为Swift客户安全计划(CSP:Customer Security Programme)认证评估员目录中的评估提供商,可以帮助全球金融机构评估其针对CSP强制性和咨询性控制的合规级别。在金融行业,Swift要求使用其消息平台的金融机构接受独立评估提供商的评估,以加强围绕其金融消息服务的安全生态系统。
2024-08-06 14:40:53
556
原创 Guiding the Way through the World of Cyber Security
It is atsec’s firm belief that effective security assurance can only truly be accomplished when the product developers proactively incorporate security requirements they thoroughly understand.
2024-08-06 08:48:44
658
空空如也
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人