WHAT IS PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of predefined security standards created to ensure that all companies that receive, process, store or transfer credit card information maintain a secure environment in their routine operations. The primary goals of PCI DSS are to reduce the risk of debit and credit card data loss and to prevent payment cardholder data fraud.

WHY PCI DSS?/WHY DOES IT MATTER?

There are a few reasons this should interest you.


The first is that PCI DSS is a globally agreed-upon standard. That is, it is not a specific “goal” that a company defined for itself, but something that security experts from all over the world sat down, planned, and agreed is the most correct for all companies around the world.

The second is maintaining continuity. As mentioned earlier, companies that want to comply with the standard must ensure that they comply with the requirements at all times. Since the world of information security and the threats that exist in it are constantly changing and developing, a company must make sure that it keeps pace accordingly. This means that worries about whether a company is always up to date on the newest threats should be removed.

DOES KAYRAN MEET THE REQUIREMENTS OF THE PCI DSS?

While compliance with PCI DSS requirements has no direct link to finding vulnerabilities, it is important to understand that the purpose of this standard is to ensure that the network is secure.

Kayran meets its relevant PCI DSS requirements automatically and continuously, and part of this is carried out through the penetration tests that the tool performs.

PCI DSS Requirements that should be assessed for compliance:

Examples of Vulnerabilities related to Compliance with PCI DSS Requirements: