SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

Today I'm starting a journey to become a PCI Professional (PCIP), and I'll be periodically updating the status of this journey on the 7MS forums.

You don't need to be a QSA to get a PCIP, but you do need "2 years in IT or payments related background to have your application approved."

The PCIP certification gives you (and I'm quoting from the PCI Web site):

• Principles of PCI DSS, PA-DSS, PCI PTS, and PCI P2PE Standards
• Understanding of PCI DSS requirements and intent
• Overview of basic payment industry terminology
• Understanding the transaction flow
• Implementing a risk-based prioritized approach
• Appropriate uses of compensating controls
• Working with third-parties and service providers
• How and when to use Self-Assessment Questionnaires (SAQs)
• Recognizing how new technologies affect the PCI (e.g. virtualization, tokenization, mobile, cloud)

The test costs + exam for a non-participating organization (like 7MS) is $2,500. You also have to re-up every 3 years for $260 (yay, another thing to have to pay for regularly).

In the miscellany department:

• Do you know someone who would enjoy a live 3-song acoustic concert? Check out my family's new ministry, Q.U.A.C.K. - Quarantined Unplugged Acoustic Concerts of Kindness.

• A Webinar on creating kick-butt cred-capturing phishing portals is happening on Tuesday, April 14! Register here!