Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Oneiric IT d.o.o.’s PCI DSS Dashboard is a compliance management platform built for PCI DSS v4.0.1, with a focus on moving teams away from spreadsheet-based management. It covers the 12 main PCI DSS requirements and 300+ sub-requirements, helping organizations track status, archive evidence, generate SAQ PDFs, and prepare structured materials for QSA review. Note that the terms clearly state the service is only a compliance management tool: it does not perform formal security assessments and does not guarantee PCI DSS compliance.
In terms of protection category, this is not a traditional firewall, EDR, or scanner, but a PCI compliance operations platform. Features include an evidence repository, AI-based mapping of evidence to PCI domains, AI compliance pre-screening, confidence scoring, SAQ-A to SAQ-D wizards, asset and network diagram analysis, CVE/CVSS vulnerability records, scan scheduling, remediation tracking, penetration test result logging, and log management for firewalls, IDS/IPS, anti-malware, access control, and physical security. On the management side, it supports owners, due dates, automated reminders, policy versions, acknowledgment records, and change approvals. MSPs can also use its multi-client and role-based access features to manage certifications for different customers.
The page states that the SAQ-A wizard can be filled out free forever, with a one-time €49 fee only when downloading a signed, submission-ready PDF, and emphasizes no subscriptions or hidden fees. However, the terms of service also mention possible monthly or annual subscription plans, free trials, and subscription cancellation rules, so pricing for more complete packages remains unclear. Based on the available text, deployment appears to be an account-based SaaS platform. There is no disclosed information on private deployment, data center locations, encryption details, or the platform’s own security certifications.
Its strengths are its clear focus on PCI DSS and its well-structured workflow, connecting requirements, evidence, assets, vulnerabilities, and audit exports. The structured ZIP export also helps reduce vendor lock-in risk. The downsides are that it cannot replace a QSA, there is limited information about the platform’s own compliance certifications, payment methods, support channels, and advanced integrations, and the pricing description is somewhat inconsistent. It is best suited for growing companies that need to complete SAQs and prepare audit evidence, as well as MSPs managing PCI compliance for multiple clients.
The text does not provide information about access from mainland China, RMB payments, invoices, local customer support, or a Chinese interface, so china_access can only be rated as unknown. For domestic teams that need PCI DSS support, it may be considered as a lightweight SaaS option, while also comparing it against local compliance consulting firms, GRC platforms, or providers that can cover both MLPS and PCI requirements.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on oneiric.me official site.
oneiric.me is an Unknown Legal & Tax provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach oneiric.me directly.