Protect Cardholder Data
The Payment Card Industry Data Security Standard, also known as PCI DSS, is an information security standard for organizations that store, process, or transmit cardholder data.
Security vulnerabilities may appear almost anywhere your merchant ecosystem including POS-devices, mobile devices, personal computers or servers, shopping applications, and more. You should test components, processes, and software to ensure security is maintained over time. All external IPs and domains exposed in the cardholder data environment (CDE) are required to be scanned at least quarterly and penetration tested annually to maintain compliance.
Payment Card Industry Requirements
PCI DSS Requirements 11.2.1 and 11.2.2
States that internal and external network vulnerability scans must be performed at least quarterly and after any significant change to the environment.
PCI DSS Requirements 11.3.1 and 11.3.2
States that penetration testing must be performed at least annually and after any significant infrastructure or application upgrades or modifications.
PCI DSS Requirements 11.3.4
Requires segmentation testing be performed to verify segmentation methods are operational and effective, and isolate out-of-scope systems from the CDE.
How VULNERA Helps You
Prevent Security Breaches
Continuous testing ensures your systems are secure and your customers can trust you with sensitive payment information
Regularly Monitor Networks
Track and monitor all access to network resources and cardholder data. Systems and processes should be regularly tested
Verify Continuous Compliance
Helps provide records of performance past the QSA assessment as well as give insight into changing environments
