ByronM - 3:46 pm on Jan 8, 2008 (gmt 0)

When ever they try to sell the Hacker Safe logo to me or my clients, there selling point is not that it will make your site more "Hacker Proof", but that by seeing the logo, customers will trust your site more therefore increasing your conversion rates...

That is true - they sell it as a logo program to make your customers feel more secure and frankly it is all about making it more secure. So they're not entirely wrong ;)

If you pass all of the audits and do the self compliance check for PCI then its a pretty good bet that you are secure. Have you SEEN the audit? I mean they go down to what router/network/firewall/IDS systems you use, how you lock down your accounts, how you rotate passwords, how you separate business process es and then the automatically check your applications against known vulnerabilities.

I think the problem with the sales pitch is they sell the concept because most decision makers interested in the product know squat about the technical aspects.