Find a pentest company with PCI QSA
31 companies have this certification
PCI QSA Certification
Origin
The PCI Qualified Security Assessor (QSA) certification was created by the PCI Security Standards Council (PCI SSC), an organization founded in 2006 by major payment card brands including Visa, MasterCard, American Express, Discover, and JCB. The certification was established to address the growing need for qualified professionals who could assess merchant and service provider compliance with the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS itself was developed in 2004 to create a unified approach to protecting cardholder data and reducing payment card fraud across the industry.
Industry Value
The PCI QSA certification is highly valued because it represents official authorization to conduct PCI DSS compliance assessments for organizations that handle payment card data. Companies that process, store, or transmit cardholder information are required by payment card brands to validate their PCI DSS compliance, and QSAs are the only professionals authorized to perform these formal assessments for most merchant levels. The certification demonstrates expertise in payment security standards, risk assessment methodologies, and data protection practices, making QSAs essential partners for businesses seeking to maintain compliance, avoid penalties, and protect their customers' sensitive payment information.
Aeris Secure
Cybersecurity company specializing in PCI and SOC compliance services for small to mid-size businesses; explicitly offers penetration testing with dedicated engagement procedures; based in Phoenix, Arizona, founded in 2008, with 4 employees and a -14.3% YoY workforce change.
Rule4
Rule4 is a private IT services and consulting company specializing in cybersecurity and emerging technology advisory; offers penetration testing services including application and API pentests; 13 employees with 17.6% YoY growth; $5M-$25M revenue; founded 2018; headquartered in Boulder, Colorado.
Syn Cubes
Cybersecurity company specializing in Penetration Testing as a Service (PTaaS); offers web, API, IoT, mobile, infrastructure, and cloud pentesting; founded in 2020, with $6.3M revenue, 2 employees; based in Claymont, Delaware.
Triaxiom Security
IT services and consulting company specializing in cybersecurity; offers penetration testing, security audits, and strategic consulting; 9 employees with 18.2% YoY growth; $3.0M annual revenue; based in Charlotte, North Carolina.
Carson & SAINT Corporations
Cybersecurity and risk management company based in Maryland, US; 18 employees, $10M revenue, founded 1998; provides cybersecurity services including penetration testing, vulnerability management, consulting, compliance, and IT security; active penetration testing capabilities confirmed through dedicated service pages, PCI compliance references, and multimedia content.
Praetorian Secure
Praetorian Secure is a Michigan-based cybersecurity firm specializing in penetration testing and security consulting; 2 employees, $33.2M revenue, founded 2009, headquartered in Davison, MI. Offers comprehensive pentest services including network, web, wireless, IoT, and cloud assessments, with expertise in HIPAA, PCI-DSS, and NIST compliance; serves both commercial and government sectors.
nGuard
Cybersecurity company specializing in computer and network security; offers penetration testing services including external and internal pentests; 17 employees with 3.3% YoY growth; $5.7M annual revenue; founded 2002; headquartered in Charlotte, North Carolina.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
KirkpatrickPrice
IT services and consulting firm specializing in information security assurance, including penetration testing, PCI audits, and risk assessments; 90 employees (+8.4% YoY), $6.8M revenue, founded 2005, Nashville, TN; provides advanced ethical hacking and vulnerability assessments, serving over 2,000 clients worldwide.
Columbia Advisory Group
IT services and consulting firm specializing in cybersecurity, governance, risk, and compliance; provides penetration testing and managed IT services to higher-education clients; 31 employees, $5M-$25M revenue, founded 2012, Dallas, TX.
Fortreum
Cybersecurity company headquartered in Lansdowne, Virginia, providing penetration testing and offensive security services; employs specialized pentesters and red team leads, with explicit government procurement listings for penetration testing services.
Aerstone
Cybersecurity firm headquartered in Springfield, Virginia; specializes in penetration testing services including Penetration Testing as a Service with ongoing testing and remediation capabilities.
Dot.Bit d.o.o.
Croatia-based IT services and cybersecurity firm specializing in payment security, compliance, and penetration testing; 2 employees with 25% YoY growth, founded 2019, headquartered in Zagreb, Croatia; offers vulnerability assessments and penetration testing services.
Odyssey Cybersecurity
Cybersecurity firm based in Strovolos, Nicosia, Cyprus; provides penetration testing, vulnerability scanning, and threat management services; explicitly mentions ethical hacking, red teaming, and security audits in service offerings.
Reversec
Cybersecurity consulting firm specializing in penetration testing and offensive security; NCSC-verified CHECK company; 148 employees; Helsinki, Finland; Founded over 30 years ago; Focused on helping organizations tackle complex cybersecurity threats through offensive-driven services and continuous research.
Advertise on pentest.fyi
You could be here!
XMCO
Cybersecurity consulting firm specializing in penetration testing, security audits, and incident response; 93 employees (+21% YoY growth); $5M-$25M revenue; Founded 2002; Paris, France; CERT & PCI QSA certified.
Orange Cyberdefense SA
French cybersecurity firm based in Paris La Défense; provides penetration testing, red teaming, and threat-led security testing services, demonstrating a focus on active defense and attack simulation capabilities.
Nomios France
Cybersecurity firm based in Boulogne-Billancourt, France; provides penetration testing and security assessments; specializes in simulating real-world cyberattacks to identify vulnerabilities, adhering to PTES standards.
Orange
Orange is a telecommunications and digital services provider headquartered in Issy-les-Moulineaux, France, with 38,184 employees and $43.6 billion in annual revenue. It has a EUR27.2 billion market cap and $6.5 billion in total funding, with recent acquisitions like MasOrange, S.L. Orange actively offers penetration testing services via its cybersecurity subsidiary, including Penetration Testing, Red Team Services, and Threat-Led Penetration Testing, emphasizing its capabilities in active security defense testing. The company is committed to social responsibility, digital equality, and building a safer digital world.
S.C. Orange România S.A.
S.C. Orange România S.A. is a private telecommunications provider headquartered in Bucharest, Romania, with 23 employees (+9.7% YoY growth) and over $1 billion in annual revenue. It has a strong online presence with 6.3 million monthly website visits and ranks #10,169 globally. The company explicitly offers penetration testing and security assessment services, supporting its role in cybersecurity and offensive security capabilities within the telecom sector.
Bastion Security Group
New Zealand-based cybersecurity firm specializing in penetration testing services, including web application, external, internal, and AI assessments; 75 employees, founded 2023, with 7.5% YoY growth, headquartered in Wellington, NZ.
CyberZone Global
CyberZone Global is an Australian cybersecurity company specializing in penetration testing; CREST-accredited provider offering network, web & API, wireless, IoT, cloud, and red-team testing services. Based in Melbourne, Victoria, with verified Australian contact details.
Dotsec
Cybersecurity company based in Brisbane, Australia; specializes in penetration testing services conducted by experienced Australian testers, providing actionable security assessments and consulting.
Ubitrak
IT services and consulting company specializing in security compliance, PCI DSS, and Interac audits; 5 employees, founded 2002, based in Montréal, Canada; offers penetration testing, security training, log management, SIEM, and audit services, with over 500 clients guided since 2010.
Pen Test Partners
Cybersecurity company specializing in penetration testing services across networks, applications, and cloud; 67 employees, $6.1M revenue, founded 2010, based in Buckingham, UK; recognized for expertise in red teaming, testing, and security consulting, with 28,414 monthly website visits and global rank #1,041,359.
Surecloud Cyber Services
Cybersecurity company based in Gloucester, UK; specializes in penetration testing, including infrastructure and cloud security testing, with active vulnerability assessment and attack simulation capabilities.
GoAllSecure
GoAllSecure is a UK-based private cybersecurity services provider specializing in penetration testing, red team exercises, and comprehensive security solutions. Founded in 2021, it has 9 employees with 50% YoY growth, offering services across website, API, cloud, server, and mobile security to global clients. The company emphasizes offensive security with active penetration testing and assurance offerings, serving both government and private sectors worldwide.
Prism Infosec
Cybersecurity firm based in Cheltenham, UK, specializing in penetration testing, red teaming, and GRC services; provides assessments, testing, and response solutions to enhance security posture.
Securious - Data and Cyber Security
Cybersecurity compliance and pentesting company based in Exeter, UK; 11 employees with 18.2% YoY growth; founded in 2007; provides PCI DSS, ISO 27001, Cyber Essentials, and penetration testing services to UK and international clients.
MXC Security (Singapore) Pte. Ltd.
IT services and consulting company specializing in information security, including penetration testing, vulnerability assessment, and red teaming; based in Hong Kong with 16 employees, founded in 2003, and ranked #10,296,402 globally. Offers expertise in security management, compliance, and privacy consultancy.
Stop wasting time on security questionnaires
ResponseHub uses AI to automate your security questionnaire responses. 100% confidence, save days, unblock deals.
Defenxor
Indonesian cybersecurity firm based in South Jakarta; specializes in penetration testing and security assessments, offering comprehensive security consulting services to clients.
5Tattva (Cert-IN Empanelled & PCI QSA Company)
Cybersecurity consulting firm based in Gurugram, India; specializes in audits, vulnerability assessment, penetration testing (VAPT), and 24x7 SOC monitoring; 18 employees with +33.3% YoY growth; PCI QSA and CERT-IN empanelled; active in compliance standards including PCIDSS, ISO 27001, GDPR, and HIPAA.