PCI-DSS Driven Penetration Testing

Required penetration testing for PCI compliance

Typical engagement: 2-3 weeks. Starting at $11,500.
Overview

What This Engagement Covers

A comprehensive assessment tailored to your environment.

PCI-DSS Requirement 11.3 mandates annual penetration testing by a qualified assessor. Our PCI-DSS penetration testing meets all Payment Card Industry requirements and provides the documentation needed for QSA validation and compliance reporting.

Our Process

What We Test & How

What We Test

We test all systems in your cardholder data environment (CDE), including external networks, internal network segmentation, web applications that handle card data, wireless networks, and all systems connected to the CDE. Testing validates that PCI security requirements are properly implemented.

Our Approach

Conducted by PCI-certified professionals, our testing follows PCI Penetration Testing Guidance and includes all required components. We validate network segmentation, test for CDE vulnerabilities, assess application layer security, and provide detailed remediation guidance to achieve compliance.

Deliverables

What You'll Receive

Everything included in your engagement report.

PCI-DSS compliant penetration test report

ASV scan results and attestation

Network segmentation validation

Cardholder data flow analysis

Vulnerability remediation tracking

Retest validation report

QSA-ready documentation package

Attestation of Compliance (AOC) support

Methodology

Our Testing Methodology

A structured approach to identifying and validating vulnerabilities.

1. Cardholder data environment identification
2. External penetration testing
3. Internal penetration testing
4. Network segmentation validation
5. Application layer security testing
6. Wireless security assessment (if applicable)
7. Social engineering testing
8. Remediation and retesting

Findings

Common Vulnerabilities We Find

Typical security issues discovered during this type of engagement.

Network Segmentation Failures
Unencrypted Cardholder Data
Weak Authentication Controls
Missing Security Patches
SQL Injection in Payment Applications
Inadequate Access Controls
Wireless Security Weaknesses
Logging and Monitoring Gaps

Who It's For

Ideal For

E-commerce Merchants
Payment Service Providers
Payment Gateways
Retail Organizations
Hospitality Industry
Financial Institutions
Compliance

Standards We Support

PCI-DSS v4.0
PA-DSS
PCI P2PE
Payment Card Standards

Ready to Get Started?

$11,500

Typical engagement: 2-3 weeks

Why Us

Why Lorikeet Security

Certified Experts

OSCP, OSCE, CEH, GPEN certified professionals

Auditor Ready

Reports designed for compliance audits

Free Retesting

Validate fixes at no additional cost

Expert Support

Direct access to testing team during remediation
