PCI Compliance

Mandatory Regulations

The Payment Card Industry Data Security Standard (PCI-DSS) was created in order to reduce credit card fraud, by increasing the controls around cardholder data. Compliance with PCI-DSS regulations requires any organization that handles cardholder information to execute some sort of annual PCI QSA assessments of their payment card system, ranging from a simple self-assessment, to a third-party assessment conducted by an external Qualified Security Assessor (QSA). Aerstone’s free online PCI Calculator can help you determine your PCI testing and reporting requirements.

Comprehensive Testing

Aerstone’s PCI SSC certified team has over 35 combined years of security testing experience across both government and commercial clients to include the Department of Treasury, our national intelligence community, commercial financial institutions, healthcare organizations, and various other clients across the private sector services market. Our penetration testing and security assessment team will ensure your information processing systems are tested and evaluated against the most current vulnerability intelligence and exploitation methods threatening your system today. It is our belief that our objectives support an excellent place to work and an environment that empowers and motivates outstanding work for our customers.

Broad Knowledge

Our company’s history is rooted in performing security assessments meeting regulatory compliance frameworks such as HIPAA, NIST, SOX, FISMA, DITSCAPP , DIACAP, and Dodd-Frank regulations. By continuously testing these types of frameworks, our security assessment methodology ensures that not only the PCI-DSS compliance requirements are met, but that we use the same process from start to finish in conducting a PCI-DSS assessment as we would any other regulatory compliance framework.