Secure SLC-Qualified Software Vendors
The PCI Secure Software Lifecycle (SLC) Standard is part of the PCI Software Security Framework and helps software vendors to ensure that security is designed and integrated at each stage of the software lifecycle. Software vendors can engage a Secure SLC Assessor to have their SLC assessed and validated for compliance with the Secure SLC Standard. The assessment and validation are documented by the Secure SLC Assessor in a Report on Compliance (ROC). Software vendors that have undergone this validation process are listed on PCI SSC's Secure SLC-Qualified Software Vendors list.
Although the PCI Council reviews these reports for quality management purposes, the PCI Council does not independently confirm the reports or the data or information they contain, nor does the PCI Council perform any testing or analysis of software lifecycles, products, functionality, performance, suitability or compliance with the Standard.
Find a Secure SLC-Qualified Vendor
Dates in orange represent a Secure SLC that has not been annually attested to in accordance with Secure SLC program requirements (up to 90 days overdue).
Dates in red represent a Secure SLC that has not been annually attested to in accordance with Secure SLC program requirements (more than 90 days overdue).