The Challenge
The Payment Card Industry Data Security Standard (PCI DSS) exists to reduce the risk of debit and credit card data loss. The regulations mandate that any businesses that process, handle or store card data are required to be PCI DSS compliant. And under requirement 11.2.2, quarterly external vulnerability scans must be performed by an Approved Scanning Vendor (ASV). Typically, PCI ASV scans are a manual process that takes consultants weeks to schedule, perform and then report on the findings. As a static, paper-based document, it acts as a photo, capturing your infrastructure at a specific moment in time. It doesn’t prove your ongoing compliance or tell you the remediation controls you need to implement, which makes the report nothing more than a ‘tick-box’ exercise. But, make the information dynamic, present it in real-time and wrap an intelligence layer around it, and suddenly you have something that creates value for your business.
The Solution
PCI ASV Scan Management eliminates the hassle of compliance by giving you complete control over your PCI ASV scans. Now you can schedule scans at your convenience, re-scan instantly and view detailed reports on individual vulnerabilities, including their description, recommended solution and any technical information.
