PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1

2021-02-23 04:00

The PCI Security Standards Council has published version 1.1 of the PCI Secure Software Lifecycle Standard and its supporting program documentation.

The PCI Secure SLC Standard is one of two standards that are part of the PCI Software Security Framework.

It provides security requirements and assessment procedures for software vendors to integrate into their software development lifecycles and to validate that secure lifecycle management practices are in place.

"This update to our Secure SLC Standard and Program is a key step in promoting greater implementation by expanding eligibility to vendors that produce software and software components that may share resources within a payment environment."

"One of the most important aspects of the Secure SLC Standard, and a common issue identified in recent compromises, is maintaining good software security, even as software is updated and security threats continue to evolve," said Troy Leach, SVP Engagement Officer, PCI Security Standards Council.

"This is especially true with the increased dependency on third-party software developers. Organizations rely upon these companies to protect payment data against various compromises such as online digital skimming and supply-chain vulnerabilities. Validation against the Secure SLC Standard demonstrates a public commitment to maintain the security posture of the software throughout its entire lifetime."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/JBDNSV-mASM/

#PCI #pcissc