Web application firewall vendor joins PCI Security Standards Council

Breach Security announced it has joined the Payment Card Industry (PCI) Security Standards Council, an open global forum founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International for the ongoing development and implementation of security standards for payment account data protection.

In September 2006, the PCI DSS established enhanced security requirements with the introduction of PCI DSS version 1.1. The latest adaptation includes section 6.6 which calls for “ensuring that all web-facing applications are protected against known attacks by applying either of the following methods: having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security; installing an application layer firewall in front of web-facing applications.” This method for protection is considered a best practice until June 30, 2008, after which it becomes a requirement.

“Breach Security offers the most technically advanced web application firewalls with the broadest range of deployment options to serve any organization, large or small. Unlike vulnerability scanning, Breach Security’s web application firewalls provide continuous, real-time protection against security threats to sensitive information collected and managed by web applications,” said Marc Shinbrood, CEO, Breach Security, Inc. “We have added specific PCI-related signature profile detection to our products and look forward to participating in the ongoing development of the PCI Data Security Standard. Breach Security wants to help the payment card industry maintain the trust of online customers by offering an important layer of security for web applications.”