{"id":5735,"date":"2023-08-23T15:34:16","date_gmt":"2023-08-23T19:34:16","guid":{"rendered":"https:\/\/solutionsreview.com\/endpoint-security\/?p=5735"},"modified":"2023-08-23T15:34:54","modified_gmt":"2023-08-23T19:34:54","slug":"pci-dss-4-0-why-pen-testing-is-key-for-compliance","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/","title":{"rendered":"PCI DSS 4.0: Why Pen Testing is Key for Compliance"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5736\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\" alt=\"PCI DSS\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg 800w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance-300x150.jpg 300w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance-768x384.jpg 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p><em><strong>Solutions Review\u2019s\u00a0<a class=\"fui-Link ___1idfs5o f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh ftqa4ok f2hkw1w fhgqx19 f1olyrje f1p93eir f1h8hb77 f1x7u7e9 f10aw75t fsle3fq f17ae5zn\" title=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" href=\"https:\/\/solutionsreview.com\/solutions-review-contributor-guidelines\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Link Contributed Content Series\"><u>Contributed Content Series<\/u><\/a> is a collection of contributed articles written by thought leaders in enterprise software categories. Eren Cihangir of <a href=\"https:\/\/outpost24.com\/\" target=\"_blank\" rel=\"noopener\">Outpost24<\/a> makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.<\/strong><\/em><\/p>\n<p>In a world where cyber-attacks are rife, and data breaches are an unfortunate daily occurrence, we&#8217;ve witnessed the disastrous impact when credit card information is breached. In 2017, the Equifax data breach exposed over 209,000 credit card details and impacted over 147 million people. The aftermath resulted in Equifax settling with regulators for $700 million. In 2019, Capital One (the fifth largest credit card issuer in the US) suffered a hack that compromised 106 million customers across the US and Canada. If we look more recently, HRM Enterprises, which owns the US\u2019s largest independent hardware store, had 40,000 credit cards stolen because of a cyber-attack.<\/p>\n<p>To ensure that all merchants, credit card providers, and services that process, store, or transfer credit card data keep such information secure, they must adhere to the Payment Card Industry Data Security Standard (PCI DSS). This sets out the cybersecurity and privacy requirements to ensure these organizations maintain a safe environment. The compliance requirements are regularly being updated, with PCI version 4.0 announced in March 2022, with a deadline of March 31, 2024, for all organizations to be compliant.<\/p>\n<p>Yet, when examining the new version of this critical standard, penetration testing (pen testing) remains a necessity (under requirement 11), but in what capacity and who must perform this security assessment? Analyzing the new version of the PCI standard, pen testing, and vulnerability scanning are needed to protect payment cardholder data and keep systems secure. Payment card service providers will have to carry out pen test assessments twice a year, with vulnerability scans conducted once a quarter. Moreover, if your organization processes payment card information through business-critical web applications, then these will also need regular tests and scans, especially when these systems undergo significant changes and updates.<\/p>\n<p>So, what are the main differences between a PCI pen test and a PCI vulnerability scan, and what is expected from both?<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/solutionsreview.com\/mobile-device-management\/buyers-guide\/\"><img decoding=\"async\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2020\/01\/Endless_Mobility_Management.gif\" alt=\"Download Link to Unified Endpoint Mobility Management Buyer's Guide\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h2><strong>PCI DSS 4.0: Why Pen Testing is Key for Compliance<\/strong><\/h2>\n<hr \/>\n<h3><strong>PCI Pen Test<\/strong><\/h3>\n<p>This security assessment is designed to unearth and exploit any vulnerabilities discovered in the cardholder data environment (CDE), including the organization\u2019s infrastructure, network, and applications, on a regular basis. This is to test the resilience of the defenses in place and typically, Pen testing is a manual process that can also incorporate automated solutions to locate and trigger the security flaw into operating. An actionable report is then produced based on the findings of the test which detail the vulnerabilities, threats, and risks posed to cardholder data.<\/p>\n<h3><strong>PCI Vulnerability Scan<\/strong><\/h3>\n<p>When conducted, a PCI vulnerability scan is an advanced test that produces a report after completion, displaying the most severe vulnerabilities and ranking them in order of importance. With the risk of external IPs and domains being exposed in the CDE, these must be scanned regularly, with PCI DSS demanding that tests be carried out at least four times a year. The tools used to carry out vulnerability scans are largely automated, but these often must be verified manually.<\/p>\n<p>The length of time both assessments take to finish also differs. Vulnerability scans can be completed in a matter of minutes, whereas pen testing can vary between days or weeks depending on the size and scope of the organization\u2019s CDE. Both these tests are integral in reducing the overall attack surface of the CDE and provide security teams visibility on where weaknesses may appear.<\/p>\n<p>With the requirements for PCI DSS readily available, organizations are obliged to define, document, and implement a penetration testing methodology to adhere to a variety of standards, such as:<\/p>\n<ul>\n<li>Penetration testing provided by industry-accepted solutions.<\/li>\n<li>Visibility and coverage into the CDE and associated systems.<\/li>\n<li>Application and network layer pen testing, with documented strategies on how to address the issues found.<\/li>\n<li>Analysis and recommendations of risks and threats uncovered during the previous 12 months.<\/li>\n<li>Organizations must keep records of all testing results and remediation activities on file for a year.<\/li>\n<\/ul>\n<p>Service providers that hold cardholder information must conduct PCI pen tests every six months or when the system has a significant change\u2026but what is meant by this?<\/p>\n<p>Some examples of a significant change that would necessitate a PCI Pen Test include:<\/p>\n<ul>\n<li>New hardware, software, or networking equipment added to the system.<\/li>\n<li>If hardware or software is upgraded or replaced.<\/li>\n<li>When modifications are made that could impact how cardholder data is processed or stored.<\/li>\n<li>If third-party vendors make changes to their services or processes that help keep the CDE functional.<\/li>\n<\/ul>\n<h3><strong>Always Protect the Customer&#8217;s Data to Meet PCI Compliance<\/strong><\/h3>\n<p>While this may have focused on a specific area of PCI, it is critical for all organizations to understand what is expected and to meet compliance before the March 2024 deadline. Pen testing and vulnerability scanning play crucial roles in achieving PCI DSS compliance and are highly effective in reducing vulnerabilities in systems handling sensitive data. With that said, organizations seeking assistance with pen testing or vulnerability scanning must do their due diligence. Firstly, check if the vendor is an Approved Scanning Vendor (ASV). Secondly, the vendor should house a comprehensive suite of services that can continuously assess and analyze the entire network for vulnerabilities.<br \/>\nLastly, the vendor must be well-equipped to assist the organization in verifying and demonstrating their adherence to PCI DSS standards. This will give you the assurance that you have taken the necessary proactive action to meet the highest standards of data protection.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/solutionsreview.com\/mobile-device-management\/buyers-guide\/\"><img decoding=\"async\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2020\/01\/Endless_Mobility_Management.gif\" alt=\"Download Link to Unified Endpoint Mobility Management Buyer's Guide\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Solutions Review\u2019s\u00a0Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance. In a world where cyber-attacks are rife, and data breaches are an unfortunate daily occurrence, we&#8217;ve [&hellip;]<\/p>\n","protected":false},"author":851,"featured_media":5736,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2,335],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PCI DSS 4.0: Why Pen Testing is Key for Compliance<\/title>\n<meta name=\"description\" content=\"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI DSS 4.0: Why Pen Testing is Key for Compliance\" \/>\n<meta property=\"og:description\" content=\"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"Endpoint Security &amp; Protection Platforms | Solutions Review\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/solutionsreview\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-23T19:34:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-23T19:34:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Eren Cihangir\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:site\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eren Cihangir\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\"},\"author\":{\"name\":\"Eren Cihangir\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/e3fcc00b27853d43a6cd3195cfc21ff3\"},\"headline\":\"PCI DSS 4.0: Why Pen Testing is Key for Compliance\",\"datePublished\":\"2023-08-23T19:34:16+00:00\",\"dateModified\":\"2023-08-23T19:34:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\"},\"wordCount\":941,\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\",\"articleSection\":[\"Best Practices\",\"Featured\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\",\"name\":\"PCI DSS 4.0: Why Pen Testing is Key for Compliance\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\",\"datePublished\":\"2023-08-23T19:34:16+00:00\",\"dateModified\":\"2023-08-23T19:34:54+00:00\",\"description\":\"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg\",\"width\":800,\"height\":400,\"caption\":\"PCI DSS\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/endpoint-security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI DSS 4.0: Why Pen Testing is Key for Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"name\":\"Endpoint Security &amp; Protection Platforms | Solutions Review\",\"description\":\"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.\",\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\",\"name\":\"Solutions Review\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"width\":200,\"height\":200,\"caption\":\"Solutions Review\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/solutionsreview\",\"https:\/\/x.com\/InfoSec_Review\",\"https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review\",\"https:\/\/www.youtube.com\/user\/SolutionsReview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/e3fcc00b27853d43a6cd3195cfc21ff3\",\"name\":\"Eren Cihangir\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/Eren-Cihangir_Outpost24.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/Eren-Cihangir_Outpost24.jpg\",\"caption\":\"Eren Cihangir\"},\"description\":\"Eren Cihangir is a cybersecurity expert at Outpost24 Group. He works as a Product Specialist and Technical Liaison, helping organizations to implement solutions to address a wide range of cybersecurity challenges. Building from over a decade of wide-ranging experience in software development, vulnerability management, penetration testing, and business intelligence, Eren seeks ways for clients to incorporate excellent strategies to protect their critical operations and data.\",\"sameAs\":[\"https:\/\/outpost24.com\/\"],\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/author\/ecihangir\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"PCI DSS 4.0: Why Pen Testing is Key for Compliance","description":"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/","og_locale":"en_US","og_type":"article","og_title":"PCI DSS 4.0: Why Pen Testing is Key for Compliance","og_description":"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.","og_url":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/","og_site_name":"Endpoint Security &amp; Protection Platforms | Solutions Review","article_publisher":"https:\/\/www.facebook.com\/solutionsreview","article_published_time":"2023-08-23T19:34:16+00:00","article_modified_time":"2023-08-23T19:34:54+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg","type":"image\/jpeg"}],"author":"Eren Cihangir","twitter_card":"summary_large_image","twitter_creator":"@InfoSec_Review","twitter_site":"@InfoSec_Review","twitter_misc":{"Written by":"Eren Cihangir","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#article","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/"},"author":{"name":"Eren Cihangir","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/e3fcc00b27853d43a6cd3195cfc21ff3"},"headline":"PCI DSS 4.0: Why Pen Testing is Key for Compliance","datePublished":"2023-08-23T19:34:16+00:00","dateModified":"2023-08-23T19:34:54+00:00","mainEntityOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/"},"wordCount":941,"publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg","articleSection":["Best Practices","Featured"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/","name":"PCI DSS 4.0: Why Pen Testing is Key for Compliance","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg","datePublished":"2023-08-23T19:34:16+00:00","dateModified":"2023-08-23T19:34:54+00:00","description":"Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#primaryimage","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/PCI-DSS-4.0-Why-Pen-Testing-is-Key-for-Compliance.jpg","width":800,"height":400,"caption":"PCI DSS"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/endpoint-security\/pci-dss-4-0-why-pen-testing-is-key-for-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/endpoint-security\/"},{"@type":"ListItem","position":2,"name":"PCI DSS 4.0: Why Pen Testing is Key for Compliance"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website","url":"https:\/\/solutionsreview.com\/endpoint-security\/","name":"Endpoint Security &amp; Protection Platforms | Solutions Review","description":"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.","publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization","name":"Solutions Review","url":"https:\/\/solutionsreview.com\/endpoint-security\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","width":200,"height":200,"caption":"Solutions Review"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/solutionsreview","https:\/\/x.com\/InfoSec_Review","https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review","https:\/\/www.youtube.com\/user\/SolutionsReview"]},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/e3fcc00b27853d43a6cd3195cfc21ff3","name":"Eren Cihangir","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/Eren-Cihangir_Outpost24.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/08\/Eren-Cihangir_Outpost24.jpg","caption":"Eren Cihangir"},"description":"Eren Cihangir is a cybersecurity expert at Outpost24 Group. He works as a Product Specialist and Technical Liaison, helping organizations to implement solutions to address a wide range of cybersecurity challenges. Building from over a decade of wide-ranging experience in software development, vulnerability management, penetration testing, and business intelligence, Eren seeks ways for clients to incorporate excellent strategies to protect their critical operations and data.","sameAs":["https:\/\/outpost24.com\/"],"url":"https:\/\/solutionsreview.com\/endpoint-security\/author\/ecihangir\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5735"}],"collection":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/users\/851"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/comments?post=5735"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5735\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media\/5736"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media?parent=5735"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/categories?post=5735"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/tags?post=5735"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}