Most annoying instance I've experienced with PCI compliance was with an auditor ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		OSButler on May 16, 2015 \| parent \| context \| favorite \| on: Filter all ICMP and watch the world burn Most annoying instance I've experienced with PCI compliance was with an auditor who didn't understand the concept of patching. Even after providing the full list of backported CVEs, which clearly showed the one he insisted was missing on the system, he still refused to pass it. Only after escalating the issue was it finally marked as passed.

vidarh on May 16, 2015 [–]

I've had that too - the only thing the auditor in question cared about was the version number that their run of nmap had guessed.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact