jump over to the Brazen Life blog
Where ambitious young professionals connect and grow
Dr. Anton Chuvakin
San Jose, California
none at the moment
Information Technology
Anton Chuvakin Website
Fans (5)
Following (0)
Groups (2)

Already a member?

Click here to login

Welcome to Brazen Careerist!

Dr. Anton Chuvakin is using Brazen Careerist to share ideas. Join now to become a member and start networking with Dr. Anton Chuvakin and other professionals just like you. Learn more.


All Activity

 
Dr. Anton Chuvakin >breaks usefulness Well, I've seen cases where is a little creative thinking allows them to skip PAN storage and still preserve business usefullness. In some cases, this is clearly impossible; but maybe they can outsource to somebody who can protect the data better..

129 weeks ago from InfoSec Professionals

 
Ray Pompon PCI mandated encryption is a fare - other than laptop encryption, how many people under PCI actually implement crypto for their applications that process PANs (ccard #s). Most of what I see are "compensation controls" because crypto is too expensive to do. What's you're take?

129 weeks ago from InfoSec Professionals

View 2 older replies

Dr. Anton Chuvakin: Yup, my point exactly: tokenization or simply not touching the data by using other technologies works wonders to PCI scope, cost, etc.
129 weeks ago
Ray Pompon: But what about those who cannot tokenize or remove the PANs from their applications because it breaks the business usefulness of the system? I've ...MoreBut what about those who cannot tokenize or remove the PANs from their applications because it breaks the business usefulness of the system? I've seen quite a few cases of large corps where it wasn't cost effective to alter the data in any way within the legacy app.
129 weeks ago
Interests
Published Books • “Security Warrior” (co-author) • “PCI Compliance” (co-author) • “Beautiful Security: Leading Security Experts Explain How They Think” (contributor) • “OSSEC Host-Based Intrusion Detection Guide” (contributor) • “Infosecurity 2008 Threat Analysis” (contributor) • “Hacker’s Challenge 3” (contributor) • “Information Security Management Handbook” (contributor) Public Presentations • Recent presentations at SANS, CSI, ISSA, MISTI, DeepSec, etc - see www.chuvakin.org/secpublic.html Other Publication List • See www.info-secure.org Other Interests • Proposal reviewer for security books for Addison Wesley, Syngress/Elsevier and Auerbach Publications • Advisory Board Member: LogLogic, Inc (Log management/SIEM) • Advisory Board Member: Savant Protection, Inc (HIPS) • Advisory Board Member: nexTier Networks, Inc (DLP) • Contributor to Cloud Security Alliance, compliance and governance in the cloud group • Contributor to SANS/FBI "Top 20 Most Critical Internet Security Vulnerabilities" – widely referenced list of common security vulnerabilities (2002-2006)
Specialties
Information security, PCI DSS compliance, log management, security information and event management, intrusion detection, Unix security, honeypots, security incident response and forensics, product management, security strategy, market research, competitive research, technical writing, communication and presentation skills.

Groups (2)

View All
c8s5.jpg
singularity.jpg

Fans (5)

View All
Bill Wildprett
Ryan Paugh
Mimi Herrmann
Andy Willingham
Ray Pompon