PCI ASV Security Vulnerability Scanning
PCI Website Security Penetration Testing
Speak to the Risk Factory Foreman, and he'll tell you everything you need to know.
Call us on 0800 978 8139
A PCI Website Security Penetration Test is the method for evaluating the security integrity of a website that processes, stores or transmits card holder data by simulating an attack from a hacker. The purpose of the test is to see if a hacker can access or compromise the card holder data. Effective penetration testing will illustrate if and how this can be achieved based on your current website security defences.
As we are testing to ensure the security of cardholder data processed by the website for Payment Card Industry (PCI) compliance, the scope of the testing will specify obtaining access to cardholder data as the objective.
Conducting regular routine testing will continue to verify your website security and confirm that you can identify and stop unauthorised access to prevent security incidents. The testing is also mandated for complying with Requirement 11.3 of the PCI Data Security Standard (DSS) V3.
Your website should be tested at least annually and after any significant change for compliance to PCI DSS.
We just need to know the Internet Protocol (IP) address and the Uniform Resource Locator (URL) for your website. If you don’t know your IP or URL, don’t panic our Factory Foreman can help you.
Also don’t forget to specify the exact number of tests you’d like to purchase when getting your quote. Our Factory Foreman will call you to schedule each test purchased. You can for example, purchase multiple tests (for better value) and get them delivered over time when you need them to match your ongoing business requirements.