
PROFILING

PCI Wireless Assessment

Essentials

The PCI Wireless Security Assessment evaluates the potential relationship between unauthorized access to your wireless network and PCI DSS compliance. SecureState identifies client-owned wireless access points from various areas within and outside the facilities. Once these access points are verified, SecureState evaluates whether the encryption and wireless access point configuration meet PCI DSS standards. Additionally, SecureState conducts rogue access point detection using specialized tools at the facilities in scope for the assessment. Rogue access point detection is required for PCI DSS compliance.

  • PCI Wireless Security Assessments help meet PCI DSS standards
  • Smaller assessment scope allows for quick turnaround of results
  • Rogue access point detection finds unauthorized access points connected to your internal corporate network

Benefits

PCI DSS requires that a wireless network have basic security controls in place, such as changed default credentials, industry-standard encryption and rogue access point detection. SecureState’s PCI Wireless Security Assessment helps meet these requirements to ensure your organization is compliant with PCI DSS standards.

Expertise

SecureState has created cutting-edge open source tools to test the security of wireless networks. Our tools are used by security assessors and penetration testers in the security industry. One of these tools is the EAPeak Suite, which gives penetration testers useful information about the security of a wireless network while they search for vulnerabilities. SecureState presents and blogs on our wireless tools and wireless security research at national and worldwide security conferences such as ToorCon and Black Hat Europe.

Did You Know?

  • Vulnerable wireless networks can leave your company open to attack
  • A PCI Wireless Assessment is not a Wireless Penetration Test
  • PCI Wireless Assessments should be performed annually to meet PCI DSS standards
  • Rogue wireless access points can be used as an unauthorized entry point into your internal corporate network

Our Approach and Methodology

The SecureState Profiling Team is well known and highly regarded for its expertise in Penetration Testing. Our approach follows industry-accepted testing methodologies such as PTES, NIST 800-115, OWASP and OSSTMM. By following these methodologies, our clients can replicate the testing SecureState has performed in their own environment and accurately mitigate identified vulnerabilities. The SecureState Profiling Team also helps identify strategic “root cause” issues through our Penetration Tests. Our Risk Management Team is uniquely positioned to work closely with the Profiling Team in order to assist clients with mitigating these strategic “root cause” issues.

Phase I – Pre-engagement Interactions:

In this phase, SecureState works with the client to establish the rules of engagement and the scope, and to exchange contact information for both parties. We provide a detailed Project Charter which contains information on scope and everything that will be required to conduct the testing. The Project Charter is discussed during the kickoff call prior to the beginning of the engagement.

Phase II – Reconnaissance:

Wireless access points in scope are probed using specialized tools to identify them as client property. APs are then selected for analysis, and as much information as possible is gathered regarding the targets, including default configurations and enabled encryption level. These findings are then reviewed to ensure they meet PCI DSS standards.

Phase III – Rogue Access Point Detection:

Using specialized tools, SecureState drives around the client’s property in scope to determine the location of rogue access points. Additionally, we conduct this detection while walking through any facilities that are in scope. Once rogue access points are identified, SecureState notifies client personnel to take action on the suspected rogue access points. SecureState can locate rogue access points to within several feet.

Phase IV – Reporting:

As part of the deliverable, SecureState provides a report which contains a short graphical summary aimed at senior management, a narrative body which details major findings, and a detailed findings section aimed at technical staff. SecureState also provides a closing call and high-level executive presentation to summarize the penetration test and to provide an opportunity to ask questions about the engagement.

What Makes Us Different

  • Demonstrates our tools to clients during PCI Wireless Security Assessments
  • Publishes our own Exploits, Zero Days and Tools to the Information Security Community
  • Profiling Team members are known as experts in Wireless Security worldwide
  • Profiling Team members are frequent speakers at national and worldwide security and hacking conferences such as DEFCON, Black Hat, OWASP AppSec, SANS, ShmooCon, THOTCON, DerbyCon, ToorCon and more
  • Provides a secure two-factor authentication web portal for access to PCI Wireless Assessment results
  • Follows industry standard testing methodologies and vulnerability rating systems
