Overview
What you need to know about payment security
PCI DSS 3.2 encompasses six key objectives. These objectives are split across a set of 12 requirements, each incorporating a range of preventative, detective and directive controls.
Objectives
PCI DSS objectives
Services
Our PCI DSS services
Redscan offers a range of specialist PCI DSS services, including:
- Kroll Responder, our Managed Detection and Response service, helps organisations track and monitor access to network resources and cardholder data in order to achieve compliance with PCI DSS 3.2 requirements 10 & 11.
Responder offers:
• Log management
• Asset discovery
• Intrusion detection
• File integrity monitoring
• Internal vulnerability scanning
- Requirement 11 of PCI DSS 3.2 outlines the need for organisations to perform internal and external penetration testing at least annually, or after any significant change to network infrastructure.
- Internal quarterly vulnerability scanning by our cyber security experts helps to identify, classify and remediate common exposures such as weak user credentials and unpatched or out-of-date operating systems, applications and software. To comply with PCI requirement 11, vulnerability scans should be performed quarterly and after any significant network changes.
- Call upon a highly qualified and experienced security professional to support your PCI DSS requirements. By acting as an extension of in-house resources, a Redscan Virtual CISO can help to assess cyber-risk and develop and implement the policies, procedures and controls needed to achieve PCI compliance.