What is PCI Penetration Testing?Are you working towards obtaining a PCI DSS Compliance? Do you also have sensitive card holder data environment? You will need to perform penetration testing on your platform.
See Section 11.3 of the PCI DSS here https://pcisecuritystandards.org.
PCI penetration testing finds the vulnerabilities in your CDE for security weaknesses. This includes all the public internet, internal networks and the components that reside in your CDE.
You would also need to consider other critical systems which are involved in processing and protection of the cardholder data. These include security systems, internet-facing devices and databases and any system that stores, process and transmits the cardholder data.
Our team will target firewalls, web applications, wireless devices and databases etc to find the vulnerabilities in your CDE. It is recommended that penetration testing should be performed at least annually or when there's a major system updates.