Category: Compliance & Policy

Penetration Testing in Support of PCI DSS 3.0

The Payment Card Industry (PCI) has recently released version 3 of the Data Security Standard (DSS), which is part of the compliance assessment for entities performing payment card processing, including merchants, processors, financial institutions, and service providers. Paragraph 11.3 of PCI DSS 3.0 requires the implementation of a penetration testing methodology, and greatly expands on