PCI DSS 2
The PCI DSS version 2.0 (PCI SSC, 2010) requires that external and internal penetration be completed at least annually or when there are any significant changes to the environment.
The Payment Card Industry Data Security Standard, introduced in 1999, is a rigorous set of prescriptive requirements aimed at securing systems that handle credit card numbers. The majority of organisations are overwhelmed by the cost of compliance. Performing security specialist tasks such as formal risk assessment, incident handling, alert monitoring and penetration testing are often over and above the regular duties of the in-house I.T. staff. Maintaining a security team with the capabilities to perform these tasks can be expensive and considered out-of-reach for many small and medium organisations. Smaller organisations with smaller I.T. budgets often need to find ways of lowering the cost of achieving compliance. Penetration Testing, in particular, can be an expensive activity to commission either from an internal team or an external provider. Considering that a clean Penetration Test report is a requirement of PCI DSS , an organization may need to initially perform a number of rounds of testing to achieve a clean report, raising costs again.
The PCI DSS Pentest compliance service provides a comprehensive testing of your system to check for possible security gaps. Our service is based on the industry standard requirements of the Payment Card Industry Data Security Standard (PCI DSS). It provides an in-depth assessment of the security of a system including internal and external penetration tests, network packet analysis, firewall and router configuration reviews, authentication protocols, operating system security configurations and more.
- External and Internal Penetration Test
- Network Packet Analysis
- Firewall/Router Configuration Review
- Authentication Protocols Validation
- Operating System Security Configuration Review
- Proactively find vulnerabilities before hackers do to ensure highest security for your cardholder data environment
- Gain insight into configuration issues affecting risk levels within a set area
- Receive instant feedback on risk levels with proposed remediation steps