PCI DSS Compliance Assessment

What is PCI Penetration Testing?

Are you working towards obtaining a PCI DSS Compliance? Do you also have sensitive card holder data environment? You will need to perform penetration testing on your platform.

See Section 11.3 of the PCI DSS here https://pcisecuritystandards.org.

PCI penetration testing finds the vulnerabilities in your CDE for security weaknesses. This includes all the public internet, internal networks and the components that reside in your CDE.

You would also need to consider other critical systems which are involved in processing and protection of the cardholder data. These include security systems, internet-facing devices and databases and any system that stores, process and transmits the cardholder data.
Our team will target firewalls, web applications, wireless devices and databases etc to find the vulnerabilities in your CDE. It is recommended that penetration testing should be performed at least annually or when there's a major system updates.

What is the actual Penetration Testing requirement in PCI DSS?

Perform an external penetration testing on the CDE

Perform internal penetration testing on the CDE

Any exploitable vulnerabilities found during penetration testing are corrected

Segmentation testing performed to validate that the CDE is isolated from other networks that do not store, process and transmit cardholder data.

Get PCI Penetration Testing Performed

Cyber Security Hive provides the best PCI complaince testing in India, UAE, Dubai. Get in touch with us to get your CDE tested.