Ensure You Are Protecting Cardholder Data
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.
To meet the requirements of a PCI DSS certified auditor, all material delivered to the auditor follows the guidance specified in PCI DSS Penetration Testing Guidance.
Payment Card Industry Requirements
PCI DSS Requirements 11.3.4
Requires segmentation testing be performed to verify segmentation methods are operational and effective, and isolate out-of-scope systems from the CDE.
PCI DSS Requirements 11.2.1 and 11.2.2
States that internal and external network vulnerability scans must be performed at least quarterly and after any significant change to the environment.
PCI DSS Requirements 11.3.1 and 11.3.2
States that penetration testing must be performed at least annually and after any significant infrastructure or application upgrades or modifications.
How VULNERA Helps You
Prevent Security Breaches
Continuous testing ensures your systems are secure and your customers can trust you with sensitive payment information.
Regularly Monitor Networks
Track and monitor all access to network resources and cardholder data. Systems and processes should be regularly tested.
Verify Continuous Compliance
Helps provide records of performance past the QSA assessment as well as give insight into changing environments.
