Follow these steps to complete an external network scan, according to the requirements from the PCI Council.
Step 1: Use Wizard to Add IPs and Domains to your Account
Per the PCI Council's Program Guide, your account must include all Internet-facing IP addresses and domains that host in-scope PCI infrastructure. Use the System Components Wizard to configure your account for external PCI network scans.

Step 2: Start New Network Scan
Start a new network scan on the IPs or DNS hosts in your account. You can only scan one asset type at a time. Optionally, schedule scans to run automatically at a later date/time or on a recurring basis.

Step 3: View Network Scan Results
Go to the Scan Results section for a complete list of running and completed network scans for the subscription. A Scan Results Report is available for each finished scan, listing the vulnerabilities and potential vulnerabilities detected by the service at the time of the scan.

Step 4: Fix Vulnerabilities and Rescan
Go to the Current Vulnerabilities section to see all vulnerabilities for all hosts. For each detected vulnerability you can view detailed remediation information so that you can quickly fix and eliminate it. Then run another scan to verify that the vulnerability is fixed.

Step 5: Submit False Positive Requests
After fixing all vulnerabilities, you may still have a reported issue that doesn't seem to apply to the host. In this circumstance, you may request an exception, which we will consider as a false positive. An approved false positive will not cause you to fail PCI compliance.

Step 6: View Open Services Report
The Open Services Report is an interactive report provided to assist merchants with satisfying PCI DSS requirement 1.1.6. This report includes a complete list of services, protocols and ports detected by the most recent scans across all IPs on your network. Review the findings, classify detected services as Authorized or Unauthorized, then download the report.

Step 7: View Compliance Status
The Compliance Status section provides the current PCI compliance status for your network and its hosts. When the overall compliance status is Compliant, you are ready to generate network reports for PCI certification.
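The Authorized/Unauthorized review in Step 6 can be prepared offline by comparing detected services against your documented baseline. The following is an added example, not part of the service or its documentation; the CSV layout, the `AUTHORIZED` baseline structure and the `classify` function are assumptions made for illustration, and the sample data is constructed.

```python
import csv
import io

# Constructed sample; the CSV layout is hypothetical, not the service's export format.
DETECTED_CSV = """ip,port,protocol,service
192.0.2.10,443,tcp,https
192.0.2.10,22,tcp,ssh
192.0.2.11,21,tcp,ftp
192.0.2.11,443,tcp,https
192.0.2.12,3306,tcp,mysql
"""

# Hypothetical baseline: (ip, port, protocol) -> documented business justification.
# "*" as the ip authorizes the service on every in-scope host.
AUTHORIZED = {
    ("*", 443, "tcp"): "Customer-facing payment pages",
    ("192.0.2.10", 22, "tcp"): "",  # approved, but justification never recorded
    ("192.0.2.11", 21, "tcp"): "Legacy batch upload from acquirer",
}

# Protocols commonly treated as insecure; their security features must be documented.
INSECURE = {"ftp", "telnet"}


def classify(detected_csv, authorized, insecure=INSECURE):
    """Return one dict per detected service with status and review notes."""
    results = []
    for row in csv.DictReader(io.StringIO(detected_csv)):
        port, proto = int(row["port"]), row["protocol"].lower()
        # A host-specific baseline entry takes precedence over a wildcard entry.
        key = next((k for k in ((row["ip"], port, proto), ("*", port, proto))
                    if k in authorized), None)
        notes = []
        if key is None:
            status = "Unauthorized"
            notes.append("not in baseline: close it or document and approve it")
        else:
            status = "Authorized"
            if not authorized[key].strip():
                notes.append("missing business justification")
        if row["service"].lower() in insecure:
            notes.append("insecure protocol: document security features implemented")
        results.append({**row, "status": status, "notes": notes})
    return results


if __name__ == "__main__":
    for r in classify(DETECTED_CSV, AUTHORIZED):
        print(r["ip"], r["port"], r["protocol"], r["service"], r["status"], "; ".join(r["notes"]))
```

Entries that come back Authorized with notes still need follow-up before the report is downloaded: a service without a recorded justification, or an insecure protocol without documented security features, is a documentation gap even when the port itself is approved.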