dotDefender - Web Application Firewall http://www.applicure.com PCI DSS Requirement 6.6 ensures that all web-facing applications are protected against known attacks by adopting one or both of the following solution: Code Review: This option means having the code for your web-applications reviewed by security specialists who will search for vulnerabilities. Code review is always a good practice, but this option is both costly and does not guarantee that every vulnerability will be found. Implementing a Web Application Firewall: The second option is to install an application layer firewall in front of all web-facing applications. This solution provides a single source of protection for any number of web-facing applications. You can download the dotDefender for 30 days trial at: http://www.applicure.com