Our solutions help you comply with PCI DSS V.1.2
PCI FAQs
What is PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) was established by the PCI Security Standards Council, which consists of the leading credit card organisations. The Standard details security requirements for storing, processing or transmitting cardholder data. The latest version 1.2 was released in October 2008.

Who is affected by PCI DSS?

Merchants and (IT) service providers who process or store credit card data are advised to comply with PCI DSS. Non-compliance will lead to increasing transaction costs and/or fines or claims for damages (depending on the size of the organisation).

How does art of defence support your business to meet PCI DSS?

PCI Requirement 6.6 became compulsory in July 2008 and states: Ensure that all web-facing applications are protected against known attacks by applying either of the following methods:
Additionally, since PCI DSS V 1.2, source code reviews are obligatory for internal and external applications on a regular basis. Complying with these requirements either involves a lot of manual work, and hence high labour costs, or can be achieved by using (semi-)automated tools.

The products of art of defence help you to comply with PCI DSS. Thanks to the products' high efficiency and ergonomics, they secure Web applications easily and at the lowest possible cost.

hyperguard: The Web Application Firewall hyperguard provides protection for Web applications in use according to PCI section 6.6. The integrated logging functions in hyperguard conform to the PCI audit requirements for security products as described in sections 10.2, 10.3 and 10.6.

hypersource: The Web Source Code Analyzer hypersource supports you with code reviews (PCI DSS 6.4.7) and provides a different way to secure Web applications (as already mentioned in PCI Requirement 6.6).

hyperscan: The Web Vulnerability Scan Server hyperscan can replace or complement the static source code analyses of hypersource. Additionally, hyperscan can be deployed for regular penetration testing as required in section 11.3.2.