About our company

The Firm…

Crimson Security Inc. is an information security compliance and assessment firm established in 2002 by a group of security professionals. Crimson is a privately held corporation and has been a PCI QSA company since the beginning of the program in 2006. Crimson has conducted on average around 40 assessments per year since then.

Crimson has worked with companies of different sizes, functions and structures. Some atypical examples include global telecommunication companies, hosting companies with high levels of virtualization; SAAS service providers, media companies, service providers and customer combinations, banks, airline companies, collection agencies, hosting companies etc. with complex networks, atypical application architectures, unique inter operations with their clients and vendors and sophisticated infrastructures.

Crimson QSAs all have over 20 years of experience and have all got security certifications such as CISSP, CISM etc. Our QSAs are CISSPs and are training as ISO 27001 Lead auditors and have other certifications such as SANS GIAC too. We have never had a QSA employee placed in remediation.

Crimson Security has a secure portal that manages the information and enables report generation and the reports are delivered using our encrypted channel (256 bit) or are delivered in a secure encrypted manner based on any secure channel that our clients prefer.

At Crimson we are flexible and customize as needed. We believe that the assessment is a consultative and collaborative exercise to ensure compliance and work with our clients to achieve this.

The Staff…

Crimson Security is run by a group of certified security professionals with several years of experience on both sides of the security industry. We have worked at security technology and consulting firms as well as in organizations where we have been tasked with determining the appropriate security posture and solutions, given requisite business processes, to ensure a safe, but efficient, operation. We are thus uniquely positioned to provide consulting as well as hands-on implementation services that focus on preventing or reducing unnecessary investment in technology and people, while maximizing security for the organization.

Crimson Security Professionals receive & recommend training from the following:




Our Customers…


Our Offices at


12020 Sunrise Valley Drive

Suite 100

Reston Virginia 20191

United States

+ 1 631-265-3564

More Locations

Reykjavík, Iceland

Frankfurt, Germany

Cebu, Philippines