Penetration Testing Overview

How do you really know if your sensitive data is secure? Even the best web developers can accidentally miss a few secure coding steps, while other developers might not be aware of the latest secure coding practices.

What is a Penetration Test?
As your trusted security and PCI compliance partner, the SecurityMetrics penetration testing team will attempt to gain access to your systems, document how the access was obtained, and help your organization determine how to prevent such vulnerabilities in the future.

Are Penetration Tests Required?
If you are a high-volume merchant or service provider, PCI-DSS requires you to be assessed by a Qualified Security Assessor (QSA) annually. As a part of the annual assessment, you are required to have a penetration test on all systems connected to the Cardholder Data Environment. The definition of high-volume varies depending on the Card Brands you accept. Fines and deadlines for non-compliance vary depending on the Acquiring Bank.

How Do I Engage SecurityMetrics?
If you wish to obtain a price quote for a penetration test, please contact a SecurityMetrics Strategic Accounts representative at (801) 705-5656. They will send you a short questionnaire for a custom price quote that will meet your needs and budget.

"Strange as it might sound, I am really glad you did find those vulnerabilities. This is stuff that literally keeps me awake at night! After learning a little about blind SQL injection, I went through 1.5 million lines of code in only a few days and buttoned things up. It was either that, or don't sleep ever again!"

- Large Payment Processor


Is it Only about Finding Vulnerabilities?
No. Finding vulnerabilities is important, but once a vulnerability is found, it must be determined which process broke down and allowed the vulnerability to exist in your environment unchecked. We also provide you with the following benefits:
  • A commitment to take the time to understand your operations and processes, enabling SecurityMetrics to accurately scope the cost and effort of the assessment
  • Ability to communicate your vulnerabilities and needed remediation in a report that is easily understood by both engineers and managers
  • Outlines of the exploit potential behind each vulnerability with detailed security best-practice steps for remediation
  • Simple, straightforward pricing with no hidden charges or add-on fees