Blogs I Read: PCI Compliance Demystified

I’m going to start a new section of my blog in which I detail some of the blogs that I read and the reasons I keep going back to them.

I’m going to start with PCI Compliance Demystified. From the ‘About’ page:

This blog is devoted to demystifying the PCI DSS compliance process and linking you with as many resources as we can. The goal is to decentralize the information and provide a better ROI to your company or your clients.

I stumbled across this blog while searching for information on PCI compliance as it was something that was, and still is, a foggy mess to me. The blog accepts questions from anyone who wants to know more about PCI regulations or requires clarification.

– One of the best sites out there for PCI information as the authors are trying to inform rather than sell to you
– Accepts questions from readers and posts the responses for all to learn from
– Provides a phone number where you can leave voice mail questions
– Frequently updated with quality information
– Fantastic resource page with links to additional information:

– Some knowledge of PCI, although not required, is helpful in understanding the content

5 stars – A fantastic site that every security professional should add to their RSS list even if they don’t deal with PCI on a regular basis

Written by Andrew Hay


  • Hello and thank you for writing a review of our site. If you have any suggestions for improving please let us know.

    You might also want to note that the blog is co-authored by numerous people in different areas of PCI compliance from around the world. We have writers from US, Europe, and Asia-Pacific.

