PCI ASV
commissum's managed services take the strain out of managing your information security.
The Payment Card Industry Data Security Standard (PCI DSS) is a detailed and mandated security standard that includes requirements for security management, policies, procedures, network architecture, application design and other specified controls. The current drive is to meet compliance by the end of September 2010, just in time for the next version of the standard.
Any company processing, storing, or transmitting payment card data must be PCI-DSS-compliant, or risk losing their ability to process credit card payments.
commissum offers the following independent security assessment services to help organisations to achieve and maintain PCI-DSS co
mpliance:
- Quarterly security scanning.
- Penetration testing: network and application.
- Host configuration reviews of firewalls and network infrastructure.
- Web Applica tion Security Assessment (WASA).
- Wireless Security Assessments.
- Securing the software development lifecycle.
- Code review.
- Recomme ndation of compensating controls.
commissum also offers a range of security consultancy services to help you with the self-certification process, including architecture reviews and pre-certification audits.
Do you need to meet the PCI DSS compliance deadline for September 2010?
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum recently provided us with services to assess a web application and supporting infrastructure. I was impressed with the consultants throughout the project, by their technical knowledge, flexibility, open communication and willingness to go that extra mile. Of particular benefit was the sound advice given both during and after the engagement. By identifying vulnerabilities promptly, accompanied with practical recommendations on how to address them. We were able to implement improvements quickly. Good value, a job well done.”
JM, Infosec Analyst, International Investment Bank
Latest News
Alleged Chinese Government Hacking Department back in action
Allegedly the Chinese state sponsored cyber division named as Unit 61398 are back in action after a lull in their activities. This group that allegedly specialises in governmental and industrial espionage was very active and successful up until February this year. The targets of Unit 61398, also known as APT1, have ...Tue 21 May, 2013 //
Leading USA military contractor QinetiQ hacked and ransacked by Chinese hackers for three years
A new report from Bloomberg, the business information provider (www.bloomberg.com/news/2013-05-01/china-cyberspies-outwit-u-s-stealing-military-secrets.html) outlines how hackers from China stealthily infiltrated the computer systems of QinetiQ North America, a leading espionage and military contractor to the US government, and the US branch of the British defence technology company QinetiQ. A vast range of highly ...Wed 08 May, 2013 //
Suspected hacker arrested after “biggest-ever DDoS attack”
Police in Spain have arrested a Dutch national on suspicion of launching the largest-ever “Distributed Denial of Service” (DDoS) attack. Sven Olaf Kamphuis, 35, was arrested on April 25th near Barcelona, Spain. At the time, he was in possession of a specially-equipped van set up as a mobile computing and ...Tue 30 Apr, 2013 //
