
Dr. Anton Chuvakin is a recognized security expert and book author. His security experience covers PCI DSS, log management, intrusion detection, honeypots, etc. Anton has published numerous papers on security and has presented at security conferences around the world. He has worked in strategic roles at leading companies such as Qualys and LogLogic.

Website | Blog | RSS | Consulting Services

Branden Williams could easily be described as one of the industry's leading experts, but that title does not encompass his robust talents. With four active certifications, a list of publications, and an enviable knowledge of technology, he has earned the respect of global, top named clients and industry insiders.

Website | Blog | RSS


PCI Compliance:
Understand and Implement Effective PCI Data Security Standard Compliance, second edition - updated for PCI DSS v 1.2.1






"Finally we have a solid and comprehensive reference for PCI. This book explains in great detail not only how to apply PCI in a practical and cost-effective way, but more importantly why."
Joel Weise, Information Systems Security Association (ISSA) founder and chairman of the ISSA Journal Editorial Advisory Board

What This Book is About:

      If you are like most information technology and information security professionals, the idea of becoming compliant with PCI DSS or countless other regulations does not sound like much fun. It is much more common to associate compliance efforts with the other extreme - and that is PAIN. Whether it is the pain of not knowing what to do, the pain of failing your first assessment or the pain of "doing compliance" on a $0 budget, there are plenty of challenges that earned compliance - and PCI DSS compliance in particular - that unseemly connection with pain.

      Thus the author team faces a seemingly impossible challenge: to write a fun, useful and insightful book about PCI DSS. We realize all the difficulties of achieving this, and we are committed to the challenge. And we'd like to invite you, our reader, to travel with us in the hope that when you turn the last page, you will come to realize that PCI DSS compliance can indeed be (YES) fun!

How to Use the Book in Your Daily Job:

    You can use the book during the entire lifecycle from complete PCI unawareness to ultimate security and compliance enlightenment. Specifically, you can use it to:

  • Learn what PCI DSS is and why it is here to stay
  • Figure out how it applies to you and your organization
  • Learn what to do about each of the 12 main requirements to get compliant
  • Gain knowledge about dealing with PCI assessors and how to make your compliance validation as painless as possible
  • Learn how to plan and manage a PCI DSS compliance project
  • Understand all the technologies referenced by PCI DSS
  • Figure out what Visa and Mastercard really want from you
  • Get the best experience out of what can be seen as a painful assessment process.

Discount codes:
  • Book discount codes can be found here.

Book materials:
  • View Table of Contents for "PCI Compliance", 2nd edition
  • Download a free sample chapter: Chapter 3, "Why is PCI DSS Here?" [PDF]
  • Read another chapter excerpt (from Chapter 12 "The Art of Compensating Control" by Branden Williams) in "CSO Magazine"
  • Book errata page - will be added as errors are reported (hopefully, not many)
  • Ask the authors: email.
"PCI Compliance" book reviews:

Useful PCI DSS materials:
Papers by the authors on PCI DSS:
Presentations by the authors on PCI DSS:
PCI DSS Videos:
This section contains videos of exciting PCI DSS compliance discussions - with the PCI book authors playing a role:

PCI DSS tips:
Meet the authors:
UPDATED: 03/16/2010