Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) is mandatory for all entities that store, process or transmit cardholder data. This ensures a baseline level of protection for consumers and banks. Among the key controls required by PCI-DSS are regular penetration tests and vulnerability scans of internal and external network infrastructures and applications.
Intellisec Solutions offers PCI-DSS penetration testing and vulnerability assessment services that can help your organization achieve PCI-DSS compliance, maintain it, or test and improve the security level of its payment systems.
The standard requires recurrent penetration tests and vulnerability assessments. So, when you work with us, you get to choose between a one-time assessment and subscription-based recurrent assessments.
After analyzing your network infrastructure and applications (both the external and internal perimeters), we formulate recommendations that help you mitigate vulnerabilities and any points of non-compliance identified. This enables you to see your payment security posture through the eyes of a hacker and discover where you can improve.
Intellisec Solutions covers the different types of testing required by PCI-DSS v3.2.1: internal and external penetration tests (section 11.3 of the standard), vulnerability assessments (section 11.2) and segmentation tests (11.3.4).
To comply with PCI-DSS requirements, our approach:
Our testing methods exceed PCI-DSS requirements as we not only focus on compliance but also strive to give you answers to questions such as: Can attackers access credit card information? Can they obtain unauthorized access to sensitive information? How can you minimize the risk of attackers compromising the confidentiality, integrity or availability of Internet-facing networks?
As for the frequency of tests, you can choose between one-time penetration tests/vulnerability assessments and subscription-based recurrent assessments.