• About InfoGard

  The Company

  • Overview
  • What We Do
  • Credentials
  • Independent Third Party
  • Careers
  • Contact Us

  Clients

  • Our Customers
  • Customer Testimonials

  Management Team

  • Company Management
  • Company Advisors
• Sector

  Healthcare IT

  • EHR Testing & Certification
  • ONC-ATCB Certification
  • Hospital EHR Certification
  • Hospital Meaningful Use Incentive Payment Security Risk Analysis
  • Electronic Prescriptions for Controlled Substances (EPCS)
  • HIPAA Security & Privacy Assessments
  • SecureEHR
  • Breach Safe Harbor Certification
  • CalHIPSO
  • Penetration Test Services for Healthcare
  • Healthcare Vulnerability Scan Service
  • Medical Device Validation
  • Services for Security Technology Vendors
  • Healthcare Security and Privacy Offerings

  Federally Mandated Security

  • FIPS 140-2
  • Common Criteria Validation
  • Postal Systems
  • FIPS 201 (NPIVP) Card Command Validation

  Financial Services

  • Hardware Security Module
  • PCI Pin Entry Device Security
  • PCI Approved Scanning Vendor Validation
  • MasterCard PTS
  • Australian Payments Clearing Association
• Problems We Solve

  Problems We Solve

  • Healthcare
  • Smart Card/ID
  • Financial Industry
  • Federal Government

  Security Technology

  • Cryptographic Knowledge
  • Comprehensive Network Assessments
  • System Security Assessments
  • Compliance Assessments
  • FIPS 140-2
• Blog, News, & Events
  • Blog
  • Conferences
  • News
• Resources

  Resources by Sectors

  • Federally Mandated Security
  • Financial Services
  • Healthcare IT

  General Resources

  • Network Security Assessment
  • GSA Schedule
  • FAQ About EHR & HHS Safe Harbor Certification
  • Meaningful Use & Certification
  • About Breach Safe Harbor
  • Useful Links

PCI Compliance and Penetration Testing

Home > Resources > PCI Compliance and Penetration Testing

InfoGard, a PCI Validator, offers a free online training program.

Does your organization need Penetration Testing?

Before making a request for Penetration Testing from an outside firm, the following questions must be answered:

• How will I define the Rules of Engagement?
• Will Penetration Testing protect or harm my network?
• Who should conduct my Pen Test?
• How will I identify the parts of my network that need testing?

InfoGard’s Penetration Test Services

InfoGard is at the forefront of best practices Penetration Testing procedures and has authored the ANSI X9.111 standard, scheduled for release in mid-2010. As a complement to this effort to set clear testing guidelines, we are now offering an online training program, "Planning for Penetration Testing", for retailers and the financial services industry.

To preserve our trusted third party status, InfoGard does not provide Penetration Testing services to retail and financial services, but does provide network testing to other industries. InfoGard has ten-plus years experience in guarding and increasing payment card security - including validation testing of Approved Scan Vendors (ASVs) for the Payment Card Industry (PCI), ASV training programs for PCI, and the Pin Entry Device testing program for Visa.

Please contact our Penetration Testing team to find out how we can help you.