Cenzic Certified as PCI-Approved Scanning Vendor
BackBy —<strong>Santa Clara, Calif. — May 6</strong><br />Cenzic, a provider of application security vulnerability assessment and risk management solutions, announced the company's managed service, Cenzic ClickToSecure, has completed the PCI Security Standards Council's testing process and received Approved Scanning Vendor (ASV) Certification. <br /><br />Cenzic successfully met all the PCI Security Standards Council's requirements to allow its ClickToSecure SaaS to validate compliance with the Payment Card Industry Data Security Standard (PCI DSS). This will enable Cenzic to help customers in complying with PCI while strengthening its application security posture.<br /><br />Cenzic is also well-positioned to far exceed the requirement 6.6 as clarified recently by the PCI Council. The intent of requirement 6.6 is to ensure Web applications exposed to the public Internet are protected<br />against the most common types of malicious input by June 30, 2008. The new guidelines clarify what the "code review" implies in this section. According to the council, two of the options for code reviews include:<br /><br /><ul><li>Manual Web application security vulnerability assessment.</li><li>Proper use of automated Web application security vulnerability assessment tools.</li></ul><br />Cenzic offers both a manual and an automated assessment solution with a comprehensive suite of tests to secure its Web applications.<br /><br />"Becoming a certified Approved Scanning Vendor enables us to give our clients a validation for PCI compliance," said John Weinschenk, CEO of Cenzic. "While getting certification is important, Cenzic provides comprehensive application-security assessment, helping customers truly secure their Web applications. We help customers focus on securing their users information by securing their infrastructure. Compliance with PCI and other standards is a natural by-product of a strong security discipline."<br /><br />The PCI Data Security Standard (DSS), endorsed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process or transmit customer payment card data to adopt information security controls and processes to ensure data integrity. <br /><br />Participating payment brands require PCI DSS compliance reports by a certified third-party assessor for on-site audits of merchants and service providers that process payment card transactions. <br /><br />"The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data," said Bob Russo, general manager of the PCI Security Standards Council. "By participating in the ASV certification process, Cenzic demonstrates they are playing an active part in this important end goal."<br /><br />Cenzic ClickToSecure is a software as a service available to assess applications remotely and determine attack resistance, regulatory compliance and potential security flaws in one or more applications. As an ASV, ClickToSecure is certified to conduct automated PCI Data Security Standard compliance assessments. <br /><br />Furthermore, Cenzic Hailstorm, the industry's leading solution in Web application security assessment and risk management includes a comprehensive package for PCI Compliance for customers who want do their own ongoing self-testing.<br />
Viewed 5846 times.