Secure your customer data and stay compliant

Payment Card Industry Data Security Standards (PCI DSS)

Process, store, and transmit credit cardholder data securely.

PCI DSS Compliance is a continuous process that includes Reporting, Assessing, and Remediation. In general, there are four parts to achieving PCI compliance: 
1) Completing the appropriate questionnaire;
2) Vulnerability Scan;
3) Penetration Test;
4) Policy Assessment.

Once all steps are complete, an Attestation of Compliance may be submitted.
Who: Qualified assessors with industry certifications and previous penetration testing experience.  
How: A manual process that may include the use of vulnerability scanning or other automated tools, resulting in a comprehensive report.
When: At least annually and upon significant changes — for example, infrastructure or application upgrade or modification — or new system component installations.

3rd Party Assessments

PCI Security Standards require penetration tests be done by a qualified 3rd party or qualified internal resource that is organizationally independent. Most organizations choose to work with outside pentesters for their expertise as well as the simplicity of scoping a project with them.

A key benefit of working with 3rd party assessors is the unique perspective that each brings to help strengthen your security posture. While there are general standards for penetration testing, different assessors may find different results. With the complexity of network architectures, and the need to evaluate within a specific scope, opting to work with multiple vendors over time helps minimize vulnerabilities.

Achieving PCI Compliance

Alacrinet's team of assessors focuses on the pentesting and vulnerability scan portions of the PCI requirements. We provide high-quality results by staying focused on our area of expertise and years of pentesting experience.

Get in touch to discuss pentesting for your environment


Learn More About Penetration Testing

Questions about PCI Pentests?

Contact us to learn more about penetration testing for PCI DSS.