fbpx
TCM Security is offering free Active Directory Health Checks to any company with 10 or more employees. To inquire, please contact us here.

PCI DSS QSA AUDITING

PCI DSS QSA Credit Card Compliance

A PCI DSS Audit is performed to help your organization meet the requirements of the Payment Card Industry(PCI) Data Security Standard(DSS). Our team of Qualified Security Assessors follows strict guidelines to ensure your data and infrastructure meet the requirements to receive a Report of Compliance..

Our Methodology

TCM Security bases PCI auditing techniques on industry best practices, such as reducing in-scope testing via network segmentation and implementing PCI-DSS into Business-as-Usual processes. In addition, all requirements, testing procedures, and guidance align with Payment Card Industry (PCI) Security Standards Council instruction, as TCM Security is a PCI-certified organization.

ï‚®

Planning

Customer goals are gathered and rules of engagement obtained.



Discovery

Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.

ï›±

Attack

Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.

i

Reporting

Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.

Thorough Testing

Activities performed during external penetration testing include, but are not limited to:

  • ï…ŠVulnerability scanning and exploitation
  • ï…ŠSocial media intelligence gathering
  • ï…ŠUsername and account enumeration
  • ï…ŠBreached credential intelligence gathering
  • ï…ŠService, port, and website enumeration
  • ï…ŠEnumerating third parties for data leaks (S3 Buckets, GitHub, etc.)
  • ï…ŠAttacking login portals (Website, O365, VPN, etc.)
  • ï…ŠMulti-Factor Authentication (MFA) bypassing
  • ï…ŠOther testing depending on specific customer content and footprint

Thorough Testing

Activities performed during external penetration testing include, but are not limited to:

  • ï…ŠVulnerability scanning and exploitation
  • ï…ŠSocial media intelligence gathering
  • ï…ŠUsername and account enumeration
  • ï…ŠBreached credential intelligence gathering
  • ï…ŠService, port, and website enumeration
  • ï…ŠEnumerating third parties for data leaks (S3 Buckets, GitHub, etc.)
  • ï…ŠAttacking login portals (Website, O365, VPN, etc.)
  • ï…ŠMulti-Factor Authentication (MFA) bypassing
  • ï…ŠOther testing depending on specific customer content and footprint

Thorough Testing

Activities performed during external penetration testing include, but are not limited to:

  • ï…ŠVulnerability scanning and exploitation
  • ï…ŠSocial media intelligence gathering
  • ï…ŠUsername and account enumeration
  • ï…ŠBreached credential intelligence gathering
  • ï…ŠService, port, and website enumeration
  • ï…ŠEnumerating third parties for data leaks (S3 Buckets, GitHub, etc.)
  • ï…ŠAttacking login portals (Website, O365, VPN, etc.)
  • ï…ŠMulti-Factor Authentication (MFA) bypassing
  • ï…ŠOther testing depending on specific customer content and footprint

Proudly Trusted By:

Sample Pentest Report

See The Results We Can Deliver To You. No Email Required.

Download

See How We Can Secure Your Assets

Let’s talk about how TCM Security can solve your cybersecurity needs. Give us a call, send us an e-mail, or fill out the contact form below to get started.

 

tel: (877) 771-8911 | email: info@tcm-sec.com