PCI ASV Security Scan
We are a Certified Approved Scanning Vendor ASV and provide vulnerability scanning services in accordance with PCI DSS.
Security vulnerabilities of Internet facing systems can potentially have severe, wide-reaching implications for your organisation. Cognosec’s certified ASV Scans will identify weaknesses and vulnerabilities as well as quantify their severity – allowing them to be managed efficiently and effectively. Cognosec is an Approved Scanning Vendor (ASV) – an organisation with a set of security services and tools available to validate adherence to the external scanning condition of the PCI DSS requirement 11.2. The scanning vendor’s ASV scan solution is always tested and approved by the PCI SSC before an ASV is added to the list of approved scanning vendors. As Cognosec is a Qualified Security Assessor (QSA) for the PCI-DSS and PA-DSS as well as an Approved Scanning Vendor (ASV)– making Cognosec a one-stop-shop for your PCI compliance needs. Cognosec can provide you with a full PCI DSS audit portfolio on top of the consultancy service we already offer – creating a rounded and comprehensive compliance package. We are authorised to help your company obtain and maintain PCI DSS compliance.
An Approved Scanning Vendor (ASV) is an organization with a set of security services and tools to validate adherence to the external scanning requirement of PCI DSS Requirement 11.2.2. We are a Certified ASV and provide vulnerability scanning services in accordance with PCI DSS. Vulnerability scan results provide valuable information that supports efficient patch management and other security measures that improve protection against Internet attacks. Any organisation who wants to maintain their PCI compliance, who wants to know what their weaknesses and vulnerabilities are, and who wants to prevent financial and reputational loss has to conduct ASV scans.
Cognosec’s Approved Scanning Vendor scans identifies weaknesses and vulnerabilities as well as quantifies their severity – allowing them to be managed efficiently and effectively. This means that an organisation:
- Fulfils the PCI DSS Requirement 11.2 for quarterly vulnerability scans performed by an ASV.
- Provides proof of due diligence to regulators, customers and shareholders.
- Prevents financial loss through fraud or unreliable infrastructure.
- Protects your brand against the loss of reputation.
Cognosec performs regularly scheduled scans (monthly or quarterly), as well as ad hoc scans – producing and delivering an ASV Report containing every discovery and an evaluation thereof. Security matters covered range from authentication, authorisation and misconfiguration issues to information disclosure and obsolete software version concerns.
What is included in a scan?
Cognosec’s Scanning Solutions test and report on:
- Firewalls & Routers
- Operating Systems
- Database Servers
- Web Servers
- Application Servers
- Common Web Scripts
- Built-in Accounts
- DNS Servers
- Mail Servers
- Web & Other Applications
- Common Services
- Wireless Access Points
- Remote Access
- Point-of-sale (POS) Software