Startup Defense.Net, a company designed to help web hosting providers, e-commerce sites and financial institutions mitigate the increasing scale and sophistication of modern Distributed Denial of Service (DDoS) attacks, has achieved 2014 PCI DSS (Payment Card Industry Data Security Standard) 2.0 certification for its suite of DDoS mitigation services.
As web hosting infrastructures continue to be targeted by cyber attackers, it’s crucial that organizations have the most advanced countermeasures in place. Achieving PCI DSS 2.0 compliance for 2014 would allow Defense.Net to offer an added layer of security to companies that handle cardholder data, from financial institutions to web hosting providers to e-commerce companies.
The certification was performed by Security Metrics, a multinational merchant data security and compliance company, and a Qualified Security Assessor (QSA) from PCI.
Credit card fraud protection
PCI DSS is an information security standard defined by the Payment Card Industry Security Standards Council. PCI certification is required for organizations that process, store or transmit credit card data. It is designed to protect cardholders from credit card fraud and to provide a secure online environment.
The rigorous review, testing and measurement of security policies that is required to achieve the PCI DSS standard have made it the de facto “Gold Standard” for cloud-based security vendors to prove the security of their infrastructure.
While Defense.Net does not store or process cardholder data, it does provide programmatic network traffic analysis to mitigate attacks against its customers’ websites. During the course of traffic analysis customer data is decrypted, analyzed, and then re-encrypted and this data may include credit card data.
Defense.net was recently founded by cyber security pioneer Barrett Lyon (co-founder BitGravity). As a startup company, Defense.net received $9.5 million in funding from Bessemer Venture Partners in August 2013.