Yes. The full 300+ requirement set is mapped.

PCI DSS v4.0.1

PCI-DSS compliance, proven cryptographically.

Map your CDE without shipping its data.

PCI DSS v4 requirements ship as discrete, signed evidence chains. SAQ prep that used to take months becomes verifiable in days.

Start free trial See a signed PCI-DSS package

No credit card
No demo required
Cancel in 1 click
Data never leaves your machine

PCI-DSS chainSHA-256 · Ed25519 · W3C VC

$100K

monthly PCI non-compliance penalty per acquirer — until you’re back in compliance.

Source: Visa / Mastercard merchant agreements

Control coverage

300+ requirements, purpose-built for PCI-DSS.

No generic prompts. Each control is mapped to evidence shape, citation requirements, and grading thresholds.

Req 1

Network security controls

Firewall and routing configurations.

Req 3

Protect stored account data

Encryption and key management.

Req 8

Identify users

Authentication and password requirements.

Req 11

Test security regularly

Vulnerability scans, pen tests, monitoring.

How Probatum maps to PCI-DSS

From clause to cryptographic artifact.

Network segmentation→ Verifiable network diagrams + ACL evidence
Key management→ Hash-chained key rotation log
Vulnerability management→ Cited scan evidence + remediation chain
Incident response→ Signed IR runbook execution evidence

Cited evidence per control
Hash-chained audit log
Signed Verifiable Credential
Offline verifier CLI

W3C Verifiable Credential verified

status: Valid — Not Revoked
framework: PCI DSS v4.0.1
controls: Req 1, Req 3, Req 8, Req 11
score: 0.94
signature: Ed25519 ✓ 4f8a…b9e2
issuer: did:key:z6MkpTHR8VNsBxYAAWHu…
chain_hash: a3f8b2c1d4e5f607…
issued_at: 2026-05-23T14:08:42Z

PCI-DSS questions, answered.

No. Probatum indexes the evidence about your CDE — policies, configs, scan output — not the cardholder data itself. The CDE stays in your environment.

How Probatum stacks up on PCI-DSS

Compare PCI-DSS approaches across the major vendors.

Probatum vs Vanta

For teams evaluating PCI-DSS tooling.

Probatum vs Drata

For teams evaluating PCI-DSS tooling.

Probatum vs Secureframe

For teams evaluating PCI-DSS tooling.

Run more frameworks on the same chain

Reuse evidence across frameworks.

SOC 2

0 controls

ISO 27001

0 Annex A controls

HIPAA

0 implementation specs

GDPR

0 articles

NIST CSF

0 subcategories

LGPD

0 articles

Start your PCI-DSS program today.

14-day free trial · $299/mo · no demo · cancel in 1 click

Start free trial See pricing