|
|
Your IP assets are the internet-facing IP addresses and or ranges that must be scanned for PCI compliance. If you have domains that host in-scope PCI infrastructure, these domains must be added to your account. Go to Account > IP Assets to see the IPs in your account and to make changes to the list.
PCI network scans must be run on a quarterly basis against all of your Internet facing networks and systems that are in scope for PCI. Per the PCI Council's Program Guide, you are responsible for defining the in-scope infrastructure for the PCI network scan.
Go to Account > IP Assets. Use the buttons on the right side to make changes to your IP assets list. When you add and remove IPs, you'll see indicators in the IP Assets list identifying the status of your changes.
Perform a discovery scan on any IP range to identify live hosts (hosts that are currently active and connected to the Internet) and hosts that are in your account but not live. The discovery scan results give you workflows for adding and removing IP addresses.
Out of scope assets include IP addresses that were previously in-scope but removed from the subscription, and IP addresses discovered by the service as part of your in-scope infrastructure. The service discovers IPs by resolving domains to IP addresses and resolving external links to IP addresses. The total number of out of scope assets appears in your network report in the section "Attestation of Scan Compliance". Learn more