Safeguard
Tag

pci-dss

Safeguard articles tagged "pci-dss" — guides, analysis, and best practices for software supply chain and application security.

31 articles

Best Practices

Payment Processor Dependency Risks

The libraries and services that sit between a merchant and the card networks carry concentrated risk. A practical look at what goes wrong, and how to build a dependency program that catches it.

Jun 18, 20247 min read
Compliance

PCI DSS 4.0 Software Supply Chain Requirements Explained

PCI DSS 4.0 quietly turned component inventories, third-party code review, and payment page script control into audit line items. Here's the requirement-by-requirement map.

May 23, 20246 min read
Regulatory Compliance

PCI DSS 4.0 Software Security Requirements

PCI DSS 4.0 became mandatory on March 31, 2024, overhauling software security, SBOM visibility, and supply chain controls for every entity that touches cardholder data.

Mar 31, 20245 min read
Regulatory Compliance

Fintech Software Supply Chain Regulatory Map

A practical tour through the tangle of regulations, supervisory letters, and industry standards that now govern how fintech firms build, buy, and operate software.

Mar 5, 20247 min read
SBOM

SBOM for Fintech Startups: Compliance and Security from Day One

Fintech startups face intense regulatory scrutiny from the start. SBOMs are not just good practice — they are becoming a regulatory expectation that investors and partners demand.

Jan 28, 20245 min read
Case Studies

Stripe's Dependency Security Practices

How Stripe secures its software dependencies while processing billions of dollars in payments, with a focus on Ruby ecosystem hardening and dependency isolation.

Jul 12, 20237 min read
Industry Guides

Retail and E-Commerce Software Supply Chain Security

E-commerce platforms process millions in transactions daily using open-source components. Here's how retail organizations should manage software supply chain risk.

Sep 15, 20227 min read
pci-dss (Page 3) — Safeguard Blog