PCI penetration testing guide

Organizations that are involved in, or are planning, any sort of payment card transactions, such as credit card payments, are required to be Payment Card Industry Data Security Standard (PCI DSS) compliant. PCI DSS policies and standards are used to protect and improve the security of credit, debit, and cash transactions while protecting the Personally Identifiable Information (PII) of cardholders.

The PCI Penetration Testing Guide outlines the following phases in its methodology:

  • Pre-Engagement (Planning)
  • Engagement: Penetration Testing (Discovery and Attack)
  • Post-Engagement (Post-Attack)