
Overview

Regularly test security systems and processes in line with PCI DSS requirements

Regular assessment of systems and processes is among the key controls mandated by PCI DSS to protect cardholder data.

Requirement 11 of the standard outlines the need for organisations to perform internal and external penetration testing at least annually, or after any significant changes to infrastructure.

A range of security assessment services

Testing

What is a PCI DSS penetration test?

A penetration test is a type of cyber security assessment designed to identify, exploit and help address vulnerabilities.

PCI DSS penetration testing is designed to include assessment of network infrastructure and applications from both outside and inside an organisation’s network environment.

Scope

What needs to be assessed?

PCI DSS penetration testing must cover an organisation’s complete cardholder data environment (CDE), including any systems that may impact the security of the CDE.

A PCI pen test will help to identify:

  • Unsafe system and network configurations
  • Improper access controls
  • Rogue wireless networks
  • Coding vulnerabilities like XSS and SQL injection
  • Broken authentication and session management
  • Encryption flaws

Why Redscan?

Why choose Redscan for PCI DSS penetration testing?

Redscan is a CREST-accredited and award-winning provider of penetration testing services. Our ethical hacking engagements, including network penetration testing and web application testing, help organisations to achieve PCI DSS pen test standards by identifying weaknesses that could enable card payment details to be compromised by criminal attackers.


Meet some of our team

“When choosing a pen test provider, you need to be confident they will deliver what they promise. At Redscan, as a CREST-accredited company, we always maintain the highest technical, legal and ethical standards. Transparency and integrity are key to everything we do.”
Jed
Head of pentesting
“Our remit is to think creatively to find solutions that will help keep your organisation more secure. We’re continually improving our knowledge of how adversaries think so that we can better identify security weaknesses and enhance detection of new and emerging threats.”
Faisal
Security Consultant
“We aim to make sure that your organisation gets the best possible value from a penetration test. We'll talk you through the assessment at every stage and answer any questions you might have along the way.”
Philip
Security Consultant
“We’re focused on delivering the best pen testing security outcomes for our clients. That’s why we’ll work with your organisation every step of the way – from initial scoping of requirements through to remediating vulnerabilities. Communication is a vital part of our approach and we’ll work hard to help you achieve the results you need.”
Nima
Security Consultant

More

More about PCI DSS compliance

For more information about PCI DSS compliance:

