PCI ASV HackerGuardian Scanning Service

Your challenge

To comply with requirement 11.2 of the PCI DSS, merchants and service providers must conduct and pass a quarterly vulnerability test (meaning one scan every 90 days, or 4 scans per year). This service provides the PCI scan certification necessary to demonstrate quarterly compliance.

• Any company that accepts, processes, or stores credit card information needs to comply with the requirements set by the Payment Card Industry Security Standards Council. Merchants that pass a PCI scan will receive the official certification they need to submit to their acquiring bank.
• Failure to comply with the PCI DSS may result in heavy fines, restrictions or permanent expulsion from card acceptance programmes.
• Vulnerability assessment scans must be performed quarterly by a PCI Approved Scanning Vendor.

Our service offering

Our HackerGuardian Scanning Service is a vulnerability assessment scanning solution designed to identify website vulnerabilities and, where relevant, to achieve and maintain PCI compliance. Website and network administrators have complete control over their scanning service and use a secure online console to schedule and run up to 10 scans per quarter over a maximum of 5 externally-facing IP addresses. These could be IP addresses that connect to the credit card acceptance, transmission and storage process (additional IP packs are also available) or are on key websites.

• PCI-compliant vulnerability scanning by a PCI Approved Scanning Vendor
• Get 'ready-to-submit' PCI compliance reports to send to your merchant bank
• Detailed reports identify security holes exposed by HackerGuardian's 30,000+ tests and contain remediation recommendations
• Secure web-based interface allows you to schedule up to ten PCI scans per quarter on up to five servers
• IP address packs can be added to your license to allow you to scan additional external IP addresses

Do you require an unlimited scanning service?

We also offer an unlimited scanning service for larger organisations, our HackerGuardian Enterprise Scanning Service. This includes unlimited scans per quarter, over a maximum of 20 externally facing IP addresses.

Why choose us?

• Quick setup wizards and an intuitive user interface make it simple to run scans and get the reports you need to submit for PCI compliance.
• Complete control – the secure web-based management console allows you to configure and run all scans at your own pace.
• ASV compliant – our PCI scanning service enables you to run an exhaustive vulnerability scan on your IP address to identify level 3, 4 or 5 vulnerabilities that would result in your company failing to meet the PCI DSS requirements.
• Automated scanning and reporting – you can organise to have automatic quarterly scans and reports to ensure that you remain in compliance with PCI DSS and bank requirements.
• In-depth reporting – you will receive a comprehensive vulnerability report detailing any security issues identified by the scan with easily actionable remediation advice cross-referenced to thousands of online advisories to help you fix the problem.
• Bank-acceptable reports – if you pass the PCI criteria (no vulnerabilities of severity level 3 or above), you will also be provided with a 'submission-ready' PCI compliance report that can be sent to your acquiring bank as an assertion of compliance.
• Customer credibility – HackerGuardian PCI scan customers receive a special credit card logo for their website that demonstrates to your customers that your site is safe for them to use.
• Backed by Comodo, a PCI Approved Scanning Vendor (ASV) – vulnerability assessment scans must be performed by a PCI Approved Scanning Vendor, which is exactly what you get from the IT Governance PCI HackerGuardian Enterprise Scanning Service.

Speak to an expert

Please contact us for further information or to speak to an expert.