Pentesting UK FAQs
We can set this process up for you, and have a solution that is suitable for the smaller merchant and a competitive price.
An Approved Scanning Vendor (ASV), for example, is a service provider that is certified and authorised by the Payment Card Industry (PCI) to scan payment card networks. We are able to assist with this for PCI compliance and partner with an ASV provider for this service. The PCI Report can be then be provided in PDF and submitted to the acquiring bank for the merchant.
An independent internal and/or external penetration test will provide you with independent assurance that your systems and data are protected and not vulnerable. It is always advisable to get a third party to carry this out for you otherwise it is like marking your own homework.
A vulnerability scan will identify where the weaknesses are in your systems that an intruder would be able to use to gain access.
The report will identify the severity of any vulnerabilities and we will be able to advise you which need immediate action, and what actions you need to take. The report will show what information an intruder will be able to collect, how sensitive that information is to exploit such as security settings, file contents, or even gain full access by escalating privileges and compromise your entire network.
There is no one size fits all for this as it depends on the scope and your individual requirements. However, an external scan of a single IP address can cost as little as £100 + VAT per quarter.
We will be able to provide you with a full report which will highlight the vulnerabilities and next steps to remediate them, and then we will carry out a retest once you have resolved the issue, often within the price of the original test.