Regularly testing the security of systems and processes in the form of vulnerability scanning and penetration testing has always been a requirement for complying with the PCI DSS (Payment Card Industry Data Security Standard). The Standard requires system components, processes and custom software to be frequently tested to ensure security is maintained.
IT Governance is a CREST-accredited provider of security testing services. Our range of testing services enables organizations of all sizes to effectively improve protection of the card data environment.
Our consultants can support:
- PCI ASV (Approved Scanning Vendor) scanning
- Web application penetration testing
- Internal and external infrastructure testing
- Mobile application and device security
- Wireless network testing
- Simulated social engineering tests
- Build reviews
- IT health checks
Discover our range of PCI technical security services
Our consultants will be able to advise you on how PCI DSS testing requirements apply to your organization.
PCI Compliance Penetration Testing
PCI requirements 11.3.1 and 11.3.2 require certain organizations to perform penetration testing at least annually and after any significant changes.
This can help determine whether and how a malicious user could gain unauthorized access to assets that affect the fundamental security of the system, files, logs, and/or cardholder data.
Our PCI compliance penetration tests assess your security systems, public-facing devices and systems, databases and other systems that store, process or transmit cardholder data to discover your vulnerabilities before cyber criminals do.
PCI ASV scanning
PCI requirement 11.2 requires organizations to run internal and external network vulnerability scans at least quarterly, and after any significant change in the network.
Conducting vulnerability scans helps identify vulnerabilities and misconfigurations in websites, applications, and IT infrastructures that have Internet-facing IP addresses.
Our HackerGuardian scanning service performs highly accurate scanning of your externally facing systems as required by the PCI DSS. It runs more than 60,000 tests on your organization’s servers and network, and provides clear advice on how to fix any security vulnerabilities.