I will be presenting a webinar on April 15th, hosted by the fine folks at PCI Knowledgebase. The purpose of the webinar will be to introduce Qualified Security Assessors, or QSA’s as they are known, to the concept of WebSphere MQ and give them tools to audit the configurations.
If you have read anything I’ve EVER written you are probably aware that WMQ security is not well implemented in general. But I’ve recently worked with a number of clients who were either card payment processors or merchants, all of whom had been declared PCI compliant but were running WMQ wide open. It became clear to me that the assessment and enforcement folks could benefit from the same WMQ security outreach that has up to now I have directed to administrators and developers.
For more info or to sign up for the webinar, go to PCI Knowledgebase at this link.