Integration Delivers Automated Penetration Testing Capabilities for PCI Compliance Management
BOSTON, MA - March 2, 2010 - Core Security Technologies, provider of the CORE IMPACT family of comprehensive enterprise security testing solutions, today announced that is has introduced fully supported integration with the QualysGuard® PCI Connect program, the industry’s first Software-as-as-Service (SaaS) ecosystem for PCI compliance.
Led by SaaS security pioneer Qualys, PCI Connect provides merchants seeking to comply with the PCI Data Security Standard with a fully integrated platform of online security and vulnerability management solutions that allow them to address and validate the regulation’s specific controls.
Via the integration of CORE IMPACT Pro, the industry’s leading automated penetration testing software solution, Qualys customers can now address PCI DSS Requirement 11.3 – which directs merchants to perform in-depth penetration testing both annually and after making upgrades or modifications to IT systems retaining sensitive cardholder data.
PCI Connect customers can now run IMPACT Pro’s PCI Vulnerability Validation Report to complete their Self Assessment Questionnaire (SAQ) directly within the QualysGuard PCI Connect interface. IMPACT Pro also allows organizations to carry out a wide range of security assessments dictated by other PCI DSS guidelines, as well as validate the efficacy of many mandated security controls.
“The PCI Council and other regulators continue to demand that their constituents perform more frequent and comprehensive automated security assessments, and the use of IMPACT Pro alongside QualysGuard and the other elements of the PCI Connect ecosystem exemplifies a highly effective model that organizations can leverage to meet both their current and future security and compliance demands,” said Mark Hatton, CEO and president of Core Security. “Integrating IMPACT Pro and QualysGuard provides PCI Connect customers with the most effective process for finding, validating and prioritizing the most critical points of IT security risk.”
QualysGuard PCI Connect offers merchants:
“Section 11.3 of PCI DSS requires annual penetration tests anytime there is a significant infrastructure or application upgrade or modification,” said Philippe Courtot, chairman and CEO of Qualys. “QualysGuard PCI Connect now integrates with Core IMPACT Pro to help customers automate the penetration testing process and the verification of exploitable vulnerabilities.”
Core Security Technologies provides IT security executives with comprehensive security testing and measurement of their IT assets by adding real-world actionable intelligence and verification to their IT security management efforts. Our software products build on over a decade of trusted research and leading-edge threat expertise from the company’s Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at 617-399-6980 or on the Web at: http://www.coresecurity.com.
Qualys, Inc. is the leading provider of on demand IT security risk andcompliance management solutions – delivered as a service. Qualys’Software-as-a-Service solutions are deployed in a matter of hours anywhere inthe world, providing customers an immediate and continuous view of theirsecurity and compliance postures.
The QualysGuard® service is used today by more than 4,000 organizations in 85countries, including 42 of the Fortune Global 100 and performs more than 250million IP audits per year. Qualys has the largest vulnerability managementdeployment in the world at a Fortune Global 50 company.
Qualys has established strategic agreements with leading managed serviceproviders and consulting organizations including BT, Etisalat, Fujitsu, IBM,I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS.
For more information, please visit www.qualys.com.
Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.
For media inquiries or to find the appropriate spokesperson
Contact: Tim Whitman or Lauren O’Leary
Contact: Melinda Marks
For all other matters