Security Scans are the first step in the identification of vulnerabilities and miss-configuration of web sites, applications, and information technology (IT) infrastructures with Internet-facing IPs.
PCI DSS states “Internal and external network vulnerability scans must be performed at least quarterly and after any significant change in the network (such as new system component installations, changes in network topology, firewall rule modifications, product upgrades).” PSC is certified as an Approved Scanning Vendor (ASV) for the PCI Security Standards Council.
PCI Security Scans are recommended for all businesses that have Internet-facing Internet protocol addresses (IPs). Even if Internet-based transactions are not offered, other services may make systems accessible from the Internet. For example, e-mail and employee Internet access may potentially result in networks and cardholder data being exposed to the Internet if not properly protected.
Quarterly external vulnerability scans must be performed by an approved scan vendor (ASV) qualified by the PCI Security Standards Council. Scans conducted after network changes may be performed by the Client's internal staff.
PSC offers a suite of services that not only meet but exceed the requirements, ranging from simple self-service models to fully supervised solutions.