(Gawkwire) – Defense.Net, the only company designed to mitigate the increasing scale and sophistication of modern Distributed Denial of Service (DDoS) attacks, today announced that it has achieved 2014 PCI DSS (Payment Card Industry Data Security Standard) 2.0 certification for its suite of DDoS mitigation services. The rigorous review, testing and measurement of security policies that is required to achieve the PCI DSS standard have made it the de facto “Gold Standard” for cloud-based security vendors to prove the security of their infrastructure.
PCI DSS is an information security standard defined by the Payment Card Industry Security Standards Council. PCI certification is required for organizations that process, store or transmit credit card data. It is designed to protect cardholders from credit card fraud and to provide a secure online environment. While Defense.Net does not store or process cardholder data, it does provide programmatic network traffic analysis to mitigate attacks against its customers’ websites. During the course of traffic analysis customer data is decrypted, analyzed, and then re-encrypted and this data may include credit card data.
“As DDoS attacks continue to take down the websites of some of the largest global banks and enterprises, it’s crucial that organizations have the most advanced countermeasures in place,” said Chris Risley, CEO of Defense.Net. “Achieving PCI DSS 2.0 compliance for 2014 allows Defense.Net to offer an added layer of security to companies that handle cardholder data, from financial institutions to web hosting providers to e-commerce companies.”
While PCI DSS certification has become a requirement for cloud based security companies, the extreme rigor required to receive and maintain the certification has meant that a growing number of organizations have allowed their certification to lapse. “Financial services businesses and many companies in other sectors are advised, and in some cases required, to obtain copies of current PCI DSS certification documentation from their trusted security providers,” said Risley. “What is surprising is that many organizations that one would expect to have this certification have never in fact completed the process.”
The certification was performed by Security Metrics, a multinational merchant data security and compliance company, and a Qualified Security Assessor (QSA) from PCI.
Founded by Barrett Lyon, who created the Distributed Denial of Service (DDoS) attack mitigation industry more than 10 years ago, Defense.Net has combined the top minds in the DDoS space with breakthrough new technologies designed to effectively address today’s and tomorrow’s DDoS mitigation challenges. It is the only company to defend businesses and organizations against this new generation of massive and sophisticated DDoS attacks while delivering the highest levels of Internet application performance – two areas where legacy DDoS mitigation services have not been able to match the modern strategies of today’s cyberattackers. With increasing threats from the escalating scale and complexity of DDoS attacks and a growing number of antagonists willing to use them, Defense.Net protects organizations from modern attacks by providing end-users with a seamless experience as if no attack were occurring. The company has raised more than $9.5M in debt and equity financing with investors that include visionary security and Internet investor Bessemer Venture Partners (BVP).