Timeline for PCI DSS 4.0: The Sixth Requirement and Maintaining Secure Systems
Software, whether a locale installation or a web application, carries the risk of attack. While phishing and other social engineering attacks are some of the most common forms of a system breach, hackers still go for open vulnerabilities in software, whether due to bugs or misconfigured settings. That’s why the sixth requirement of the PCI DSS 4.0 emphasizes the practices and policies that help maintain secure software.