Presentations

Please note that all presentations are copyright Knightcraft Technology. They may be shared but only in the same form in which they appear on this website (unmodified and in entirety).

Security? A never ending story

Security? A never ending story

When it comes to cybercrime and the HPE NonStop, hacking a system is about finding a way to access privileged userids such as super.super, or the application owner, which enables a person to then perform unauthorized functions on the system as that user. The only way to ensure that there are no holes in your security that would allow this kind of breach is by regularly reviewing all of the subsystems that, if not configured appropriately, may leave your company... more

PCI DSS 3.2 and how you can achieve it on your HPE NonStop servers

PCI DSS 3.2 and how you can achieve it on your HPE NonStop servers

The Payment Card Industry Security Standards Council (PCI SSC) published PCI DSS version 3.2 in April, 2016. Many NonStop customers come under the purview of PCI DSS and this talk explains how this new update to the standard impacts the NonStop environment and what they need to do in order to comply. This presentation was provided to HPE internal staff as part of the Dan Porter TekTalk series. *Knightcraft Technology is the leader in security consultancy services and PCI DSS compliance... more

Common HPE NonStop security hacks and how to avoid them

Common HPE NonStop security hacks and how to avoid them

While many organizations are currently focused on compliance, in many cases the real security of the system takes a back seat. Often this is due to the lack of in-depth platform knowledge possessed by the auditor or QSA and the underlying assumption that if you are compliant you are also secure. The key for a hacker of any system is to obtain privileged userid access rights and on the NonStop there are a number of potential security configuration holes that,... more

You may be PCI DSS Compliant, but are you really secure?

You may be PCI DSS Compliant, but are you really secure?

Many HPE NonStop customers have been passed by a QSA as being PCI compliant, but often the QSA doesn't have sufficient NonStop expertise to really know if all technical security requirements have truly been met. This can include compensating controls used for protecting sensitive data as well as vulnerabilities in configuration that may provide ways of gaining access to privileged userids or data. A number of recent high profile security breaches have alerted the whole industry to the fact that... more

PCI DSS - A Practical Approach to Compliance for HPE NonStop Servers

PCI DSS – A Practical Approach to Compliance for HPE NonStop Servers

Much misinformation exists on what is required to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS). This presentation draws on real life NonStop customer experiences to provide a practical framework on how to approach PCI compliance for the HPE NonStop platform. Included are lessons learnt from recent PCI projects, common obstacles faced by organizations, details of what a QSA will typically look for during a PCI DSS assessment, the balance between compliance and security, separating the... more


Knightcraft services can be obtained directly from Knightcraft or can be procured through either of our partners, HPE or comForte. Please Contact us or your HPE or comForte account team to find out how we can help you achieve your security and compliance objectives.