To meet compliance with the PCI Data Security Standard, external vulnerability scans must be run on a quarterly basis against all of your Internet facing networks and systems that are in scope for PCI compliance.
A few things to consider... |
Be sure that there are IP addresses in your account for scanning IPs, and DNS hosts in your account for scanning by DNS. See: Manage Your IP Assets | Manage Your DNS Hosts |
We recommend you run a discovery scan (go to Network > Discovery) in order to find IPs that are active and connected to the Internet. Then add the discovered IPs to your account. |
Depending on your network, it may be necessary to add the service's scanner IPs to your list of trusted IPs, so the service can send probes to your in-scope system components. Learn more |
I'm ready to start my scan. What are the steps? |
It's simple to start your scan. Go to Network > New Scan, and tell us: 1) what to call your scan, 2) the bandwidth setting you want to use, and 3) which assets to scan. You can scan IP assets or DNS assets in your account. |
I started my scan. What's next? |
next to
each vulnerability that must be fixed to pass PCI compliance.
After fixing vulnerabilities, start another scan to verify
the fixes.