Looking for PCI QSA recommendations

Question

Looking for PCI QSA recommendations

general

So I'm investigating PCI compliance on Linode and I'd like to find a qualified security assessor company to validate my answers to the self assessment questionnaire. Ideally I'd like to find a company that has experience working with environments hosted on Linode. I've been searching on this forum and the internet in general but I'm having a hard time finding anything relevant. I am aware there are payment processors out there (i.e. stripe) that you can use to avoid PCI compliance but in this particular case that's not an option.

Do any of you run PCI compliant environments on Linode, do you use a QSA to validate them, and if so would you be willing to share which one and what your experience has been working with them?

1 Reply

forum:IfThenElse · Answer 1 · April 11, 2017, 6:22 a.m.

forum:IfThenElse 7 years, 7 months ago

Due to my sensitive work, I went through several companies offering PCI compliance. I am a software developer, so it is quite easy for me to see through the lies and marketing garbage. All these companies are doing is to run a little program/script that scans for various parameters, so nothing fancy, which means that the money they are asking are just outrageous for the amount of work that they do. So I rejected most of them. It reminds me of the SSL certificate scam that forced us to buy certificates all these years, but now that has finally ended.

Eventually I found a company (sc2labs) that has realistic prices and great PDF reports with tons of details for me (and a separate PDF for the management people with less technical information). Here is their website: http://sc2labs.com/?lang=en

They worked great with my linode clusters.

Compute

Storage

Networking

Databases

Services

Developer Tools

Industries

Pricing

Community

Engage With Us

Looking for PCI QSA recommendations

1 Reply

Reply

Tips: