In addition to the RoC, Level 1 merchants and service providers must undergo annual penetration testing to get and stay PCI compliant. Below are trusted companies that can perform a PCI penetration test for you.
Breachlock provides pen testing services that include automated web scanning, detailed penetration testing reports with compliance indicators, and fast DevOps remediation to help you
continually meet compliance requirements for PCI DSS.
Cobalt’s team of highly vetted pen testers will not only complete a PCI pen test for you to identify vulnerabilities, they will also help you fix them.
GRSee Consulting has a comprehensive onboarding process to understand the scope of your platform’s processes and business logic to design customized pen testing that meets your specific needs and goals.
Insight Assurance’s experienced ethical hackers perform point-in-time penetration testing services to help you meet PCI compliance requirements and have peace of mind.
Moss Adams can perform the annual network- and application-level penetration testing required for PCI compliance.
NetSPI is an offensive security company that partners with organizations to customize vulnerability management programs with a focus on penetration testing.
Prescient Assurance uses a custom penetration testing methodology that includes all PCI testing requirements and is based on best practices from OWASP, NIST 800-115, and OSSTMM.
Red Sentry’s in-house team of pentesters are certified industry experts with years of experience and education that can deliver accurate and actionable reports for any environment.
Software Secured offers 360 penetration testing, a comprehensive security test that helps you meet the requirements of PCI DSS as well as SOC 2, ISO 27001, and HIPAA.