paint texture

PCI Network Security Penetration Testing

Evaluating the security integrity of a network that processes, stores or transmits cardholder data by simulating an attack from a hacker.
paint texture
Risk Factory Guarantee Badge

The Risk Factory Guarantee

No questions asked, full refund if you are not 100% happy.
Find Out More
Megaphone paint texture

Factory Fact

The average cost of a security breach for a small company is £115k.
View our resources
Ringing Phone Icon paint texture

Need some help?

Speak to an expert. Contact our “Factory Foreman” and he can answer any questions you may have.

Call us on:
0800 978 8139
Contact Us

get an instant quote

Number of Tests

Number of IPs

Price: £0.00

What is it?

A PCI Network Security Penetration Test is the method for evaluating the security integrity of a network that processes, stores or transmits cardholder data by simulating an attack from a hacker. The purpose of the test is to see if a hacker can access or compromise the cardholder data. Effective testing will illustrate if and how it can be done given your current network defences.

Why should I do it?

Conducting security penetration testing will enable your business to verify the security integrity of your systems and ensure that you can identify and stop unauthorised access. It will test business response times to security incidents and check that your security policies procedures and systems administration are correctly implemented. It is also required for compliance to the Payment Card Industry (PCI) Data Security Standard (DSS), (Control 11.3).

How often should I do it?

Annual testing of external IP addresses associated with cardholder data is mandatory for compliance to the PCI DSS and after any significant change.

What will Risk Factory do?

  • Conduct one Security Penetration Test of your network required for compliance in accordance with requirements established in the PCI DSS.

What will I receive?

  • A detailed report of the findings documenting any vulnerability identified and detailing recommendations for mitigating that vulnerability. To see a sample contact our Risk Factory Foreman.
  • On-call telephonic support from an information security consultant for two weeks after the test to answer any questions you may have about the report or remedial recommendations.
  • A free retest two weeks after the original scan to ensure recommended remedial actions were effective in mitigating any critical vulnerability originally identified.
  • A certificate of validation for evidence of compliance.

Do I need to prepare anything in advance?

We just need a list of the internet-facing IP addresses associated with your Card Data Environment (CDE). If you don’t know these IP addresses, don’t panic our Factory Foreman can help you.

Don’t forget to specify the exact number (quantity) of tests you’d like to purchase when getting your quote. Our Factory Foreman will call you to schedule each test purchased. You can, for example, purchase multiple tests (for better value) and get them delivered over time when you need them to match your ongoing business requirements.

Please consider updating your browser

This website has been designed using modern web technologies which unfortunately, are not supported by your browser. This means that many parts of the site will not function as intended.