Compliance Services

VSR provides services to assist clients with all of their compliance needs, including PCI, GLBA, HIPAA & Sarbanes-Oxley.

As part of VSR's compliance services, we work with organizations to perform a gap analysis against regulatory requirements and industry best practices. We not only identify gaps against current regulations but also provide recommendations based on industry-specific best practices to ensure compliance as regulations evolve.

PCI Readiness

During the readiness review, VSR helps clients prepare for upcoming PCI audits by evaluating their current environment, applications, policies, procedures and security controls against the PCI Data Security Standards (DSS). VSR performs an in-depth gap analysis, allowing clients to better understand deficiencies prior to the PCI audit. Upon completion of the readiness review, VSR's consultants provide a detailed roadmap identifying both tactical and strategic remediation approaches to achieve compliance with the standards.

PCI Requirements

In addition to PCI readiness assessments, VSR offers the following services, allowing clients to meet objectives defined by the PCI Data Security Standards (DSS):

PCI Remediation

When assisting with PCI remediation efforts, VSR works with clients to understand the requirements of the PCI DSS and how to implement effective security policies, procedures and controls to address existing gaps. VSR has helped clients develop and engineer solutions to address both technical and process / policy gaps.



Contact us by phone, fax or e-mail:

Phone: 617.933.8919
Fax: 617.933.8920