undefined | Better HN

0 pointstoast06y ago0 comments

Because either the PCI standard says so, or the PCI consultant says so.

PCI compliance is about checking boxes, not weighing the options and making good choices.

0 comments

Exactly this. Some of the checks _are_ valuable. We found a couple of real issues and made good security improvements. But we also ticked off more than a few boxes that made no damn real sense.

j / k navigate · click thread line to collapse

0 comments

cdubzzz6y ago

Exactly this. Some of the checks _are_ valuable. We found a couple of real issues and made good security improvements. But we also ticked off more than a few boxes that made no damn real sense.

j / k navigate · click thread line to collapse