Guided Website Threat Review

We provide a highly experienced, world-class PCI DSS Compliance Service.

Our team are experts in data security – highly-skilled, knowledgeable and customer focused.

Are you looking for a great team?

Contact Us

Our clients cover sectors such as:

✔ Banks  ✔ Processors  ✔ Payment Service Providers  ✔ Hosting providers
✔ Retailers (online and brick and mortar)  ✔ Hospitality  ✔ Travel (airlines)  ✔ Insurance

The Foregenix team has been closely involved with the Payment Card Industry Data Security Standard (PCI DSS) since its inception, with one of our directors being a significant contributor to the Visa Account Information Security (AIS) program – one of the security programs used to develop the initial version of the PCI DSS.

We understand PCI DSS and we understand the challenges that most businesses have in achieving and maintaining compliance with the PCI DSS. Our approach is focused on securing your business assets – which includes your customer payment card data. We assist our clients in building an effective information security operation, making PCI DSS Compliance a lot easier to achieve and maintain. Security first, then compliance.

Our team are experts in data security – highly-skilled, knowledgeable, customer focused and used to dealing with all levels of management within clients, from C-level execs to system administrators.

Our experience in the PCI arena has enabled us to develop a highly successful and effective methodology for helping our clients to manage their risk and achieve PCI DSS Compliance.

We aim to build a lasting relationship with our clients and our services and attitude reflect this approach.

Our main services include:

Pre-Compliance/Gap Analysis

An onsite review and gap-analysis providing a structured framework and guidance to establish a baseline level of security and identify and address areas of non-compliance. This essential service forms the basis of a successful compliance program.

Network Vulnerability Scans

Identify and prioritise network vulnerabilities, ensuring up-to-date protection from the latest threats and meeting annual PCI DSS compliance requirements.

Penetration Testing

Penetration test services (internal, external and application) provide a comprehensive and thorough analysis of a network's and application's security and thus offer protection against potential compromise. Any issues identified are always explained thoroughly in easy-to-absorb language and remediation advice is provided.

Onsite Assessments

PCI DSS Compliance for Level 1 and 2 merchants, Payment Service Providers and Hosting Providers requires an annual onsite assessment. A structured methodology ensures that this process is as straightforward as possible.

PCI 1-2-3

An online solution which allows level 2, 3 & 4 merchants to monitor and maintain PCI compliance. Designed for SMB organisations, the online portal provides anytime access to real-time PCI DSS compliance and security details, with all the right tools to make it easy to understand, analyse and validate PCI compliance.

Consultancy

Assistance with information security policies and procedures; secure network architecture design; gap analysis and remediation guidance.

Remediation Services

Ensure that all deviations from the PCI DSS requirements are either remediated or mitigated with compensating controls. We take a vendor-agnostic approach, advising on both open-source and commercial solutions, with practical recommendations and workshop services available.
