API Security for PCI Compliance

Issued by APIsec University

The API Security for PCI Compliance course reviews the updated DSS 4.0 standard and examines the requirements for securing APIs. DSS 4.0 introduces specific obligations for API security that apply to all bespoke and custom software that processes, stores or transmits cardholder data. This course analyzes the DSS regulations and extracts all requirements that apply to APIs, and provides best practices and guidances for compliance and more effective API protection.

Type Learning
Level Foundational
Time Hours

Additional Details

Skills

API Security
Application Security
Application Security Testing
Cybersecurity Compliance

Earning Criteria

Completing all 5 training modules - 1 hour
Passed all module quizzes
Passed final assessment

Standards

PCI Data Security Standard

PCI DSS provides a baseline of technical and operationalrequirements designed to protect account data. While specifically designed to focus on environments with payment card account data, PCIDSS can also be used to protect against threats and secure other elements in the payment ecosystem.

OWASP API Security Top 10

APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this, APIs have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.