HOME > DOCUMENT PCI COMPLIANCE

Ounce PCI Certification and Compliance

Proper compliance with PCI requires a consistent, thorough, metrics-based method for identifying, addressing, and reporting on the vulnerabilities in software that put data at risk. With PCI-specific source code analysis and reporting, and the capability to analyze both web-facing and back office processing applications, Ounce is a solution to the challenge of truly understanding whether or not customer information is being protected appropriately by the software that manages your most critical data.

Ounce uses patented source code analysis technology to quickly and accurately identify the vulnerabilities that put data and operations at risk.

LEAD Technologies Inc. V1.01
From within the Ounce Security Analyst, Ounce offers a PCI-specific view that allows you to drill down to the PCI-specific vulnerabilities and eliminate them quickly. 

Using the results of this analysis, Ounce delivers the PCI-specific SmartAudit to guide security analysts in their analysis and remediation while providing auditors with the metrics and documentation they need.  View results within the Ounce Security Analyst to sort and prioritize findings, or export the information into a SmartAudit report to help demonstrate compliance with the software-specific requirements of the PCI DSS.

LEAD Technologies Inc. V1.01
Ounce SmartAudit for PCI provides security analysts, auditors, and regulators instant access to the remediation and compliance data they need.

REQUIREMENT 3: PROTECT STORED CARDHOLDER DATA
The Ounce Advantage: comprehensive source code analysis delivers the information needed to track the use and strength of encryption, the use of access control and authorization routines, unsafe storage practices, and the unmasked output of private data. This information is delivered with the type of detail necessary to guide remediation and document compliance.

LEAD Technologies Inc. V1.01

REQUIREMENT 6: DEVELOP AND MAINTAIN SECURE SYSTEMS AND APPLICATIONS
The Ounce Advantage: actionable metrics, PCI-specific reporting, and a comprehensive security knowledebase means that organizations have the tools they need to maximize the effectiveness
of all the stakeholders in the PCI compliance process. Developers, security analysts, auditors, managers: Ounce delivers the software risk analysis data to ensure a secure, and compliant, software development lifecycle.

OUNCE IMPACTS YOUR BUSINESS:
Ensure Data Privacy | Secure Outsourcing | Document PCI Compliance | Secure the SDLC