PCI Approved Scanning Vendor

PCI Approved Scanning Vendor

Scan your card data environment, provide a passing scan. Sounds easy. So why is it so difficult to get a passing scan?

Experience shows that a key factor is your relationship with the Approved Scanning Vendor (ASV). ASV's have become automated, distant and remote with confusing support channels.

We've worked hard at Sec-1 to provide an ASV service with a human touch.

Each report is reviewed by an ASV Engineer, false positives removed and through your Account Manager you have direct access to technical expertise for remediation advice.
By combining our leading PCI DSS scanning tool with manual hands-on management you reduce the risk of reporting false positives and inaccurate vulnerabilities.
Most importantly, the SEC-1 ASV service makes passing scans easy.

PCI DSS Requirement 11.2

Elements of the PCI DSS requires that you perform quarterly external vulner-bility scans via an Approved Scan-ning Vendor (ASV) approved by the Payment Card Industry Security Standards Council (PCI SSC).

For further information and to find out if PCI ASV scanning applies to you please see this additional reading.

ASV Scanning Process

Scoping

  • Accurate scope is crucial to obtaining a compliant scan. Our guidance will help you ensure this is correct.

Scanning

  • Scanning quality has been validated by the PCI SSC. Further information can be found in the additional documentation.

Reporting/Remediation

  • Interim reports are presented should a scan not pass first time.

Dispute Resolution

  • Technical understanding of our engineers will en-sure that any disputes are validated.

Rescan

  • Unlimited rescans are included in the licensing model. Rescans will be required to arrive at a passing scan. Support services will be available to help you understand the results.

Final Reporting

  • A report will be sent on completion of a passing scan. This report is to confirm that the tar-get is free from vulnerabilities rated 4 or higher on the CVSSv2 scale, and/or that compen-sating controls have been applied that mitigate vulnerabilities which can not be remediated.

Key Benefits

Low cost
Competitively priced per IP address per quarter.

Qualified Personnel
Engagements are fulfilled by qualified, highly skilled, and experienced security engineers.

Maximum Quality
Our engineers use a combination of manual and automated techniques to maximise the quality of your service.

Customer Support
Assistance will be provided to scan customers to:

  • Advise on the recommended scope based on current network architecture
  • Prioritise the solution and mitiga-tion of identified issues
  • Apply corrective actions in line with the PCI DSS
For further information please contact us on 01924 284 240 or submit the contact us form oon this page.

 

 

Request callback Make an enquiry Receive newsletter?

'We have always found Sec-1 to be approachable and helpful in all aspects of our network security, nothing is too much trouble for them.'

Adam Bamping
The Lighthouse Group