The PCI Security Standards Council’s PCI DSS Requirement 11.2.2 mandates that merchants must conduct an external network security scan with a PCI approved solution. The network scan must pass, at a minimum, once every ninety days. These network scans are facilitated by Approved Scanning Vendors (ASVs). ASV is an organization with a validated vulnerability scanning service that adheres to the external scanning requirements of PCI DSS Requirement 11.2.2. The scanning vendor’s ASV scan solution is tested and approved by PCI Security Standards Council (SSC).
Managed Vulnerability Scanning
ASV scanning services are part of SageNet’s Vulnerability Management services. Utilizing Clone Guard for PCI Compliance Scanning, our goal is to evaluate the current status of information systems and applications against known vulnerabilities, identify technical gaps, and provide a report to assist with remediation.
- Approved Scanning Vendor (ASV) external scanning services to satisfy PCI DSS requirement 11.2.2.
- Internal scanning service
- Initial scanning configuration and scheduled set-up
- Vulnerability reporting with remediation recommendations and, when appropriate, Attestation of Scan Compliance reporting
Featured Case Studies
Discover how our customers put SageNet solutions to work.