The Foregenix team have been closely involved with the Payment Card Industry Data Security Standard (PCI DSS) since its inception, with one of our directors being a significant contributor to the Visa Account Information Security (AIS) program – one of the security programs used to develop the initial version of the PCI DSS.
We understand PCI DSS and we understand the challenges that most businesses have in achieving and maintaining compliance. Our approach is focused on securing your business assets – which includes your customer payment card data.
Our experience in the PCI arena has enabled us to develop a highly successful and effective methodology for helping our clients to manage their risk and achieve PCI DSS Compliance.
We aim to build a lasting relationship with our clients and our services and attitude reflect this approach.
Also known as Pre-Compliance. An onsite review and gap analysis providing a framework and guidance to establish a baseline level of security and to identify and address areas of non-compliance. This essential service forms the basis of a successful compliance program.
Identify and prioritise network vulnerabilities, ensuring up-to-date protection from the latest threats and meeting annual PCI DSS compliance requirements.
Penetration Test services provide a thorough analysis of a network's and application's security and thus offer protection against potential compromise. Identified issues are explained in easy-to-absorb language along with remediation advice.
An online solution which allows level 2, 3 & 4 merchants to monitor and maintain PCI compliance. The online portal provides access to PCI DSS compliance and security details, with the right tools to make it easy to understand, analyse and validate.
PCI DSS Compliance for Level 1 and 2 merchants, Payment Service Providers and Hosting Providers requires an annual onsite assessment. A structured methodology ensures that this process is as straightforward as possible.
Assistance with information security policies and procedures; secure network architecture design; gap analysis and remediation guidance.
Ensure that all deviations from the PCI DSS requirements are either remediated or mitigated with compensating controls. We take a vendor-agnostic approach, advising on open-source and commercial solutions, with practical recommendations and workshop services available.
Foregenix was built out of the desire to do things “our way” by putting the customer first and delivering true value and, very importantly, risk reduction and baked-in security. This evolved from the experience of previously working within a number of typical corporate cultures that didn’t share this view.
We aim to understand your data security challenges - no matter the size of your project.
We are a world-leading Qualified Security Assessor (QSA), having completed hundreds of PCI DSS Assessments since its inception.
"As a leading payment acceptance provider, security is at the heart of everything we do, so it is imperative that our partners do the same. The assessor market is very crowded and Foregenix bring a breath of fresh air with their approach. They are a true partner to our business, the kind of partner every CISO would and should want to work with on compliance projects. The whole team is extremely knowledgeable and professional, our engagements to date have enabled some global firsts and we look to continue this successful partnership for many years to come."
Chief Security Office