All posts by Héctor García

PCI QSA, PFI, CISA, C|EH, C|SS, COBIT, TOGAF, ITIL Intermediate OSA-RCV

The reality of PCI SSF: What Sellers, Entities (and Advisors) Keep Ignoring

This is the first article in a series dedicated to breaking down the PCI Software Security Framework (SSF). In future deliveries, we will delve into technical details and specific use cases, but today we start with the foundations. In the security ecosystem...

/ January 14, 2026

CDE General Inventory Template

Many of us have already begun to analyze and even work on the adaptations and new requirements for the transition process from PCI DSS version 3.2.1 to version 4.0. In the eagerness to support the...

/ November 23, 2022