The Content Security Program of the Motion Picture Association (MPA) specifies security requirements in three areas in its Content Security Best Practices Common Guidelines (Version 4.10 of February 8, 2022):<\/p>\n\n\n\n
In the requirements for the management system, vulnerability scans and external penetration tests are to be carried out in number MS-2.1 in the risk management category. There a reference is made to the requirements DS-1.8 and DS-1.9.<\/p>\n\n\n\n
The requirement DS-1.9 (Firewall \/ WAN \/ Perimeter Security) requires the implementation of annual penetration tests of all external IP addresses and systems. DS-1.8 also requires monthly vulnerability scans.<\/p>\n\n\n\n
Furthermore, one also finds the requirement to carry out web application penetration tests (DS-15.9, Client Portal). Here are some more detailed requirements:<\/p>\n\n\n\n
It is generally recommended that penetration testing is performed by an independent third party.<\/p>\n","protected":false},"excerpt":{"rendered":"
The Content Security Program of the Motion Picture Association (MPA) specifies security requirements in three areas in its Content Security Best Practices Common Guidelines (Version 4.10 of February 8, 2022): Management System Physical Security Digital Security In the requirements for the management system, vulnerability scans and external penetration tests are to be carried out in … [Read more…]<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[220],"tags":[267,271,269,270],"class_list":{"0":"entry","1":"post","2":"publish","3":"author-psauer","4":"post-3374","6":"format-standard","7":"category-pentest","8":"post_tag-csrf","9":"post_tag-owasp-top-10","10":"post_tag-sql-injection","11":"post_tag-xss"},"_links":{"self":[{"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/posts\/3374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/comments?post=3374"}],"version-history":[{"count":2,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/posts\/3374\/revisions"}],"predecessor-version":[{"id":3376,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/posts\/3374\/revisions\/3376"}],"wp:attachment":[{"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/media?parent=3374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/categories?post=3374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/security.sauer.ninja\/en\/wp-json\/wp\/v2\/tags?post=3374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}