PCI Scan


PCI Compliance - Scanning Service


PCI DSS














Managed Professional Services

PCI Compliance via the Cloud

Immediate deployment - no hardware to set up, always up-to-date
 
Scan your network for vulnerabilities, determining if your network security is compromised and reporting whether the systems are compliant or not-compliant to the Payment Card Industry - Data Security Standards (PCI DSS). 




Assess - Remediate - Report

Benefits


> Protect cardholder information and keep networks secure from attacks

> Service partners are Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV) and Payment Application Qualified Security Assessors (PA-QSA)

> Fully certified to assess PCI DSS compliance

> Automatic scanning service

> subscription based service

> Pass a network security scan every 90 days by an approved scanning vendor

> Maintain secure web applications according to PCI Requirement 6.6
> Addresses requirements for external scanning in Requirements 6 and 11

> Document and submit proof of compliance to acquiring banks

> submit your scan results and questionnaire to your acquiring banks

> PCI Security Council Self-Assessment Questionnaire

> Scan vulnerability types within any application (built or customized in-house, or purchased)

> Service and Data protection provided by SAS 70 II audited security architecture.

> Tamperproof architecture ensures that scan results are never manipulated


Solution

> Turnkey deployment requires no software to deploy or maintain.

> Discovery of live devices to help merchants define systems that are in scope for PCI.

> PCI Technical Report is used to identify and prioritise remediation.

> PCI Executive Report is submitted directly to your acquiring banks as proof of PCI compliance.

> Authorised users can conduct vulnerability and Web application scans from anywhere using a Web browser.

> False positive exception handling


> Infrastructure Network Security Scan
  • Tests firewalls, routers, switches, etc.
  • Tests web, mail and database servers
  • Checks open ports and services
  • Checks for Trojans, common worms and backdoors
  • Continually updates and detects PCI-defined vulnerabilities


> For all web applications that must be secured to meet PCI requirements:
  • Detects and specifies vulnerabilities in those applications
  • Provides clear remediation instructions to fix vulnerabilities, down to the precise URL and exact nature of the problem.
  • Works on custom built, customised in-house, or purchased web applications
  • Spiders customer websites to ensure Total Coverage
  • Tests for complete OWASP Top 10



Also See

> PCI Solutions