ASV scans

We partner with Qualys and Clone Systems, well-known vulnerability management vendors, to provide ASV scanning solutions.

These tools enable clients to perform an external vulnerability scan of an organisation’s network from the outside looking inwards. The scan report clearly indicates if a ‘pass’ score was attained, or remediation is required for PCI DSS compliance. 

#

How we
do it

1. Account set-up

This is an exchange of details for account set-up. After this, we organise a short (10–15 minutes) conference call to present the tool, available configuration options, scan schedule functionality.

2. Regular scans

The client sets up scans and performs them on a regular basis. Saved scan reports must be presented to the assessor at the time of the annual PCI DSS assessment.

3. Remediation (if needed)

This is performed if scans indicate security issues. The client needs to fix identified issues and re-run the scan. 

4. Re-scan

This is the same as the regular scan. Another scan is performed, and scan reports are saved for future compliance assessment.

5. Supervision

This is a complementary service. Once a month we check accounts of our clients and inform them if we see they are at risk of missing a scan, as clients with a missing scan cannot be PCI DSS compliant.

#

How we
do it

1. Account set-up 2. Regular scans 3. Remediation (if needed) 4. Re-scan 5. Supervision

This is an exchange of details for account set-up. After this, we organise a short (10–15 minutes) conference call to present the tool, available configuration options, scan schedule functionality.

The client sets up scans and performs them on a regular basis. Saved scan reports must be presented to the assessor at the time of the annual PCI DSS assessment.

This is performed if scans indicate security issues. The client needs to fix identified issues and re-run the scan. 

This is the same as the regular scan. Another scan is performed, and scan reports are saved for future compliance assessment.

This is a complementary service. Once a month we check accounts of our clients and inform them if we see they are at risk of missing a scan, as clients with a missing scan cannot be PCI DSS compliant.

Trusted by

#

98 %

Client retention rate

100 %

Clients pass the audit on the first attempt 

>75 %

Long-term clients for more than seven years 

#