
PCI penetration testing and compliance

A PCI penetration test is penetration testing carried out for companies that are required to be PCI DSS compliant, and it is specific to an organisation’s Cardholder Data Environment (CDE). Penetration testing forms part of requirement 11.3 of the PCI DSS and, for some organisations, PCI penetration testing is a mandatory requirement on a yearly basis.

7Safe has built up a very strong understanding of the PCI penetration testing requirements and of how organisations are compromised when access to the CDE is gained (please see our Security Investigations and Assessments team). Our penetration testing team and PCI consulting team (QSA) both fit into 7Safe’s Information Security Consulting delivery structure and thus work very closely together, which we find is tremendously valuable to our customers. For example, during a PCI audit, our PCI consultants will know that the correct CDE scope for penetration testing will have been defined and that the correct series of tests, and therefore controls, will be in place.

We also work for clients that source PCI consultancy elsewhere. Our detailed knowledge of the Standard serves our clients well in that we can still correctly scope the CDE and therefore the scope of penetration testing.

During PCI penetration testing, 7Safe’s consultants also deploy our 7Seec PAN (Primary Account Number) scanning tool to establish the presence of unencrypted / unprotected PANs, which are clearly a breach of the PCI requirements. This adds incredible value in that we wish to ensure all efforts to protect the PAN are undertaken to avoid a PCI breach (and therefore the need for a Qualified Forensic Investigator investigation).

Clearly the Standard also highlights the issues of secure code development and review, which is a service that 7Safe’s penetration testing and application testing team provide.

7Safe London
123 Buckingham Palace Road
London, SW1W 9SR
United Kingdom

Tel: +44 (0)870 600 1667
Fax: +44 (0)122 328 1114
7Safe Cambridge
Cambridge Technology Centre
Melbourn, Herts SG8 6DP
United Kingdom

Tel: +44 (0)870 600 1667
Fax: +44 (0)122 328 1114