We has partnered with leaders in IT Security Software. Using their PCI ASV (Approved Scanning Vendor) and using state of the art custom security tools and processes, we exceed industry standards by implementing a 4-Phase PCI Penetration Testing Process. Testing is performed by qualified industry professionals, holding major information technology security certifications such as CISSO-CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor) and CPTE (Certified Penetration Testing Engineer).
We are able to help merchants manage data security risks, evaluate the security of their systems that store payment account data, and assist them in achieving compliance with the PCI data security standard (DSS) using state of the art security tools and processes.
PCI requires organizations to monitor and test networks to find and fix vulnerabilities on a regular basis. We can help merchants meet and exceed the following PCI requirements:
11.2 Run internal and external network vulnerability scans at least quarterly and after any significant change in the network
11.3 Perform external and internal penetration testing at least once a year and after any significant infrastructure or application upgrade or modification, including network- and application-layer penetration tests.
6.6 For public-facing web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks by either of the two methods.
At the conclusion of the testing process, clients receive a Security Assessment Report which includes comprehensive information to empower clients to make the necessary changes to adhere to compliance standards.