One thought on “What is the penetration testing requirement for PCI?

  1. Arti says:

    According to PCI requirement 11. 3 specifies that all organizations who store, process or transmit cardholder information must include penetration tests as part of their information security program. 3, penetration testing must be performed at least annually or whenever there is a significant change anywhere in the CDE. According to Penetration Testing Guidance from the PCI Security Standards Council, the penetration tester must be both qualified and organisationally independent. PCI DSS Requirement 11.

Leave a Reply

Your email address will not be published. Required fields are marked *