Payment Card Industry (PCI) Security Solutions

Meet PCI DSS requirements

Overview

Due to the growing problem of credit card fraud and identity theft, the five major credit card companies (American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa) united to support a new independent body, known as the Payment Card Industry Security Standards Council (PCI SSC), to strengthen security controls among their members.

Together they developed the Payment Card Industry Data Security Standard (PCI DSS), and agreed to incorporate the PCI DSS as the technical requirements for each of their data security compliance programs.

Key Benefits

There are various Foundstone programs that help organizations meet Payment Card Industry Data Security Standard (PCI DSS) compliance requirements. Foundstone expertise can help your organization:

  • Find security holes in applications before hackers can exploit the vulnerabilities.
  • Understand the concepts of building secure software.
  • Evaluate the security of critical servers by analyzing the operating system and application-level security issues.
  • Get guidance in building an Incident Response (IR) Program.
  • Assess the security architecture and evaluate the current design structure of various security control mechanisms in place to determine their effectiveness.
  • Identify and test potential points of attack, focusing on areas where a compromise would have the greatest impact and risk to the business.
  • Maintain a solid security posture over time.
  • Evaluate payment processing applications and products to meet the PCI requirements of protecting cardholder data in transmission and at rest.
  • Measure the maturity of your application security efforts and determine next steps.
  • Build a cost-effective information security management organization.
  • Ensure corporate-wide employee security education.
  • Protect wireless networks. Identifying all wireless network access points and pinpointing their weaknesses makes it possible to assess the company's overall exposure to wireless network attacks.

Methodology

Foundstone Professional Services offers various programs to help organizations become compliant with Payment Card Industry Data Security Standard (PCI DSS) requirements, including staff augmentation, PCI quarterly scans, source code review, and application and network assessments. As a Qualified Security Assessor (QSA), Foundstone can help your organization become PCI compliant.

Related Services

The following are services related to PCI compliance. Download the Solution Matrix for details on the specific requirements satisfied by each service.

Building Secure Software

Eliminate potential security flaws early in the software development lifecycle by understanding the processes for secure software design, development, and deployment.

Host Security Configuration Assessment

Protect critical servers. Foundstone evaluates the security of servers, verifying defenses for operating systems and devices, and identifying vulnerabilities that cannot be detected through network assessments.

Incident Response Partner Program

Handle your toughest security issues before they occur. Lock in incident response and forensic services at a discounted rate to ensure quick, cost-effective remediation.

Network Architecture Assessment

Improve your security foundation. Foundstone evaluates the security of your network architecture to identify all vulnerabilities and keep intruders away from critical assets.

Policies & Process Development

Define enterprise-wide security policies and build processes to bridge the gap between security policies and technologies. Foundstone creates and implements effective security processes so your company maintains a solid security posture.

Vulnerability Management Program Development

Manage network vulnerabilities. Foundstone develops a network vulnerability management lifecycle to ensure new security weaknesses are quickly discovered and mitigated.

Web Application Penetration Assessment

Improve the security of your web applications. Foundstone identifies holes in production websites before the hackers can exploit vulnerabilities, quantifies the risks to your business, and provides mitigation recommendations.

Wireless Network Security Assessment

Boost wireless network security. Foundstone evaluates access points, seeks out weak security controls and rogue devices, and implements security policies that minimize wireless risks.

Writing Secure Code: ASP.NET (C#)

Build secure and reliable web applications using ASP.NET in this hands-on course. Understand the key security features of the .NET platform and how to avoid vulnerabilities.

Writing Secure Code: Java (J2EE)

Build secure and reliable web applications using Java by understanding the key security features of the J2EE platform and common web security pitfalls.