iVOLUTION SECURITY TECHNOLOGIES - Discover. Determine. Defend - pci dss scanning

By: Ivolution Security Technologies  09-12-2011
Keywords: Penetration Testing, Security Testing, Penetration Tests,

The PCI Data Security Standard is a comprehensive set of requirements for proactive enhancement of payment account data security. The standard was developed by the founding members of the PCI Security Standards Council, including Visa, MasterCard, American Express and Discover Financial Services.

The Payment Card Industry (PCI) standard is a 'security guideline' developed by credit card companies to ensure the proper handling and protection of cardholder account and transaction information. The goal has been to develop and facilitate the broad adoption of consistent data security measures globally.

PCI DSS Requirements
PCI DSS includes requirements for security management, policies, procedures and network architecture, as well as other critical protective measures. The primary focus is a comprehensive standard intended to help organizations protect customer account data.

Section 11.3 specifically points to requirement for security testing
11.3 Perform penetration testing at least once a year and after any significant infrastructure or application upgrade or modification (such as an operating system upgrade, a sub-network added to the environment, or a web server added to the environment).

  • These penetration tests must include the following:
    • 11.3.1 Network-layer penetration tests
    • 11.3.2 Application-layer penetration tests

iVOLUTION Security is strategically positioned to assist merchants of all levels with the requirements for compliance with the PCI Data Security Standard including penetration testing and vulnerability scanning.

Keywords: Penetration Testing, Penetration Tests, Security Testing

Contact Ivolution Security Technologies


Print this page

Other products and services from Ivolution Security Technologies


iVOLUTION SECURITY TECHNOLOGIES - Discover. Determine. Defend - vul assessment

Using a combination of experience and technologies the vulnerability assessment pinpoints specific vulnerabilities and identifies underlying problems. To gain the maximum advantage organizations should promote vulnerability assessments that work hand in hand with penetration testing. IVOLUTION Security audit services provide insights into as many application or operating system weaknesses as possible.



We leverage the skills of our staff as well as public, custom, and professional tools and technologies to provide complete security auditing and testing services that add value, depth, and scope to your network and application testing initiatives. Deep Security Expertise All iVOLUTION consultants are seasoned practitioners of penetration testing, vulnerability assessment, and security auditing services and have accumulated years of experience.


iVOLUTION SECURITY TECHNOLOGIES - Discover. Determine. Defend - pen testing

Our team of specialists targets your network infrastructure, information assets and associated applications to identify and evaluate possible weaknesses. IVOLUTION’s penetration testing service mimics an attacker that has targeted your organization and it’s information assets and mission critical systems. An organization’s security posture is analyzed for vulnerabilities in technologies, applications and security design though active testing.


iVOLUTION SECURITY TECHNOLOGIES - Discover. Determine. Defend - ips testing

If you are currently working with IDPS or are evaluating products, penetration testing can help you understand the strengths and limitations of your systems and their architecture. Testing is required to provide assurance that the systems work as advertised in addition to their tactical positioning within the infrastructure they are attempting to defend.