Pen Testing (Penetration Testing) and Security Testing for PCI DSS Compliance
Penetration Testing safeguards your business infrastructure against failure by preventing financial loss through fraud, or the loss of income through your business systems and processes being unreliable. Your due diligence and compliance will be proven to your customers, shareholders and industry regulators. Severe penalties can be levied against businesses that fail to comply. Non-compliance can also result in loss of business, bad PR and at worst the failing of your business.
Excerpt from PCI Security Standards Council ™
General
PCI DSS Requirement 11.3 addresses penetration testing, which is different than the external and internal vulnerability assessments required by PCI DSS Requirement 11.2. A vulnerability assessment simply identifies and reports noted vulnerabilities, whereas a penetration test attempts to exploit the vulnerabilities to determine whether unauthorized access or other malicious activity is possible. Penetration testing should include network and application layer testing as well as controls and processes around the networks and applications, and should occur from both outside the network trying to come in (external testing) and from inside the network.
The capture, storage and processing of information can all be assessed including the systems they are stored in, transmission channels, personnel dealing with the information and the processes used. Operating systems, wireless networks, access controls and databases are all areas that are commonly tested.
Risks and possible solutions will be clearly defined in a clear and easy to understand report at the end of our penetration testing service.
Protect your business from the risks of non-compliance with PCI DSS, and vulnerability to hackers, ex-employees with grudges, or even extortionists.
For more information call our friendly and professional IT support team NOW on 0844 493 5548.
