The Datassurant Secure Software Standard (SSF) service offering is a compliance consulting service centered on the PCI Secure Software Framework (SSF), which is the modern replacement program for PA-DSS. It is designed for companies that design, build, license, or deploy payment software, payment-supporting software, or related software such as point-of-sale (POS) systems. The SSF Core requirements with Module A apply to payment software vendors seeking validation under the updated, objective-based framework. Unlike PA-DSS, the SSF takes a risk assessment-centric, objective-based approach, allowing flexibility for software vendors to meet security requirements and control objectives in ways appropriate to their specific solutions. Datassurant also provides services related to the Secure Software Lifecycle (SLC) standard, a component of the broader SSF framework. SLC-validated vendors can perform certain SSF-related tasks with reduced assessor involvement, similar to the "wildcard" versioning capability previously available under PA-DSS. Additional services offered under this program include: - Payment application gap analysis - Payment application testing - Code review - Software security guidance documentation assistance - Dynamic port scanning and network services detection - Vulnerability testing and web application vulnerability testing - Cloud security program consulting based on industry standards and best practices The service also encompasses PCI DSS compliance support, helping organizations validate compliance and reduce risk across credit card payment operations.