The Payment Card Industry (PCI) Security Standard Council (SSC) require all Approved Scanning Vendors (ASVs) to re-qualify annually by undergoing a validation process. Each year SureCloud, the ASV, need to demonstrate the capabilities of our ASV toolset by achieving a certain ratio of ‘detection’ of vulnerabilities against a test lab / environment. The assessment also involves an audit of our processes, reporting and client procedures.
We are pleased to announce that for the 8th year running SureCloud has successfully taken and passed the PCI ASV validation process! SureCloud is one of a handful of ASVs (at time of writing) in the United Kingdom, listed the PCI SSC website.
SureCloud enables clients to manage, schedule and run their PCI scans using SureCloud’s PCI ASV Scan Manager application, allowing the quick assessment of results, obtaining reports and re-scanning until an overall ‘compliant’ state is reached. The client can review vulnerability detail, submit vulnerabilities for False Positive/Compensating Control review and gain access to SureCloud’s expert security services team through our innovative cloud-based Platform.
The PCI ASV offerings by SureCloud help organisations meet the following PCI DSS 3.1 requirements:-
11.2.2 (a) through (c) – External Aspects
11.2.3 (a) through (c)
SureCloud also offer internal vulnerability scanning to help organisations meet the following PCI DSS 3.1 requirements:-
11.2.1 (a) through (c)
11.2.2 (a) through (c) – Internal Aspects