Boston, Mass – April 24, 2025 – GM Sectec, a global leader in cybersecurity solutions, and Pentera, the market leader in automated security validation, announced a partnership to provide organizations with comprehensive solutions for PCI DSS 4.0.1 continuous penetration testing and remediation. This collaboration addresses the enhanced requirements of PCI DSS 4.1 for a more dynamic and risk-driven approach to penetration testing.

PCI DSS 4.0.1 emphasizes the need for continuous testing, particularly in response to infrastructure changes and timely remediation of vulnerabilities. This shift from annual testing to ongoing validation is crucial for organizations that face sophisticated cyber threats and aim to maintain a robust security posture.

Through this partnership GM Sectec will deliver Pentera’s leading automated security validation platform as part of a broader, proactive approach to penetration testing and risk reduction.

“The move towards more frequent testing under PCI DSS 4.0.1 is essential for organizations to stay ahead of evolving threats,” said Héctor Guillermo Martínez, President GM Sectec. “Pentera’s platform empowers organizations to test their security stack on demand, validating defenses against adversarial tactics and guiding remediation based on prioritized business impact. Through this partnership, we’re enabling our clients to move beyond periodic assessments and adopt a more agile, evidence-based approach to risk and compliance.”

“Security teams often operate under the assumption that their security stack is performing as intended, but the only way to be certain is to test it against real attacks,” said Scott Merkle, VP Sales, Americas, Pentera. “GM Sectec expertise, coupled with the Pentera platform, enables organizations to remove assumptions about their security effectiveness, focus on real, validated risk, and take targeted action to reduce exposure.”

This partnership will provide organizations with:

  • Continuous Penetration Testing: Automated testing and validation against real-world adversarial techniques
  • Efficient Remediation: On-demand testing for timely identification and remediation of security gaps
  • PCI DSS 4.0.1 Compliance: Solutions designed to meet the enhanced requirements of the standard