PCI Compliance Gap Analysis
PCI Website Security Penetration Test
Speak to the Risk Factory Foreman, and he'll tell you everything you need to know.
Call us on 0800 978 8139
PCI ASV Security Vulnerability Assessment Scanning is the process required to identify security vulnerabilities associated with the exterior-facing Internet Protocol (IP) addresses of the Card Data Environment (CDE) on your network. The process requires the use of a Payment Card Industry (PCI) Approved Scanning Vendor (ASV) technology to identify known security weaknesses such as configuration flaws, excess builds, missing security patches, updates or fixes.
You should do it to “see what a hacker sees”. Conducting this scanning will show you any existing Internet-facing weaknesses that could be exploited by hackers to access the systems processing your cardholder data. It should give you a clear picture of the security profile of your systems as seen from the Internet. It is also required to comply with Requirement 11.2.2 of the PCI Data Security Standard (DSS) V3.
The PCI DSS requires ASV scanning of the exterior facing IP addresses associated with your CDE quarterly and after any major changes.
We just need a list of the internet facing IP addresses associated with your CDE. If you don’t know these IP addresses, don’t panic our Factory Foreman can help you.
Also, don’t forget to specify the exact number (quantity) of ASV scans you’d like to purchase when getting your quote. Our Factory Foreman will call you to schedule each scan purchased. You can for example, purchase multiple scans (for better value) and get them delivered over time when you need them to match your ongoing business requirements.