Data Integration
PCI SAQ & Compliance
PCI-DSS 4.0 aims to give cardholders the assurance that their card details are safe and secure when their debit or credit card is entered at the ecommerce, ach, point-of-sale, or ACH payment processing portal. Book Your Sessions Today 😁
Contact Blactec for your PCI - DSS Compliance Project Management, & Vulnerability scanning/remediation.
"Blactec completes our Tenable - Quarterly PCI ASV Scans, Annual PCI SAQ Submission, Vulnerabilities - Risk Analysis & Remediation Plan & Risk Acceptance, and our ongoing cyber security endeavors to protect internal & external customer data"
coverdell
Sec Ops IT   Sys. Admin
"Blactec developed, Implemented, researched, vendor scoped and completed the TCO analysis for our PKI & ServiceNow integration, as well as our Venafi Certification process weekly working sessions to secure all Org Domains. 
ElevanceHeatlh
Sec Ops IT   PKI Engineer
Red Team Seminar & Exercise
Blactec_RTFM
Blue Team Seminar & Exercise
Blactec_BTFM

BlacTec's Red Team service consists of the following features:

  • Assigned Tactical Red Team Manager

  • Yearly threat modeling activity and assessment goal setting

  • Quarterly on-site debriefings and assessment goal realignment

  • Internet Reconnaissance reporting

  • Physical security assessment

  • Social Engineering testing throughout the year

  • Vulnerability assessment activities throughout the year

  • Ongoing network, application, wireless penetration testing

DELIVERABLES:

At the conclusion of each Red Team engagement, BlacTec Security will produce a findings and recommendations report containing:

  • An executive summary including;

    • The scope of the engagement

    • An overview of our activities

    • A high-level, categorical, risk-based breakdown of findings

    • High level recommendations

    • A high-level plan for remediation

  • Detailed findings

    • A risk-based list of addressable issues detailing the area of exploit, exploit description, risk to the environment, sophistication of the attack, impact of the finding, evidence and detailed remediation recommendations.

    • Detailed findings will be grouped as follows;

      • Social Engineering Findings

      • Physical security findings

      • Technology findings

        • Network (internal and external)

        • Application

      • Open Source Intelligence (OSINT) Findings

      • Response capability findings

In addition to the above report we will also produce;

  • A vulnerability DB including;

    • A list of vulnerabilities identified categorized out by host, CVE and criticality

    • A itemization of exposed services

    • A prioritized list of vulnerabilities requiring immediate attention

    • Detailed remediation guidance

  • A high-level project plan including;

    • Activities, cost rating, level of effort, benefits to the organization, complexity, sales impact if applicable and whether the project includes people, process or technology.

  • Identified Running and exposed services

  • SecureTrust PCI Questionnaire - https://managepci.com/safemaker/login/portal
  • SecureTrust PCI Questionnaire - https://managepci.com/safemaker/login/portal
  • SecureTrust PCI Questionnaire - https://managepci.com/safemaker/login/portal
  • PCI DSS SAQ
  • SecureTrust PCI Questionnaire - https://managepci.com/safemaker/login/portal
  • SecureTrust PCI Exceptions - https://managepci.com/safemaker/login/portal