How to Run a PCI Vulnerability Scan for PCI Compliance


The Payment Card Industry Data Security Standard (PCI DSS) requirement — number 11 — that mandates quarterly ASV scans for vulnerabilities is one of the most cringed-about requirements of any compliance framework anywhere. Yes, the dreaded PCI vulnerability scan. The word “scan” gives companies fits. That’s silly, because as you’re about to see, scanning is simple.

Sectigo is a PCI-approved scanning vendor — or what’s known as a PCI ASV — with its HackerGuardian ASV scanning product. In its former life as a Comodo CA product, companies around the world used it to scan their networks, both internally and externally. Now, as Sectigo HackerGuardian, it will continue its mission of helping businesses stay compliant with PCI requirements. The best part? HackerGuardian PCI Scanner is the cheapest PCI vulnerability scanner on the internet! The most comprehensive is also the cheapest. It doesn’t get better than that.

No, wait, it does. Nobody sells Sectigo HackerGuardian PCI Scanner for cheaper than we do. Not even Sectigo. We guarantee it.

Save 67% on PCI Scanning

Get Sectigo HackerGuardian PCI Scanner for only $81.90/year.


How to Perform a PCI Scan

Ok, assuming you’ve purchased and set up HackerGuardian — a simple process that can be handled using Sectigo’s online wizard — here’s how you can run your first PCI vulnerability scan:

  1. Check your IP scanner address. Depending on your network, you may need to add the following IP addresses to your list of trusted IPs:
     64.39.96.0/20 (64.39.96.1-64.39.111.254)
  2. Define your in-scope infrastructure. To do this:
     • Click the Asset Wizard button on the homepage of your dashboard.
     • Add all public-facing IP addresses/ranges.
     Graphic: PCI vulnerability scan
  3. Click Start Scan to start your PCI DSS vulnerability scan.
     Graphic: PCI vulnerability scan
  4. From here, Sectigo HackerGuardian will perform its external scan and return a PCI scan vulnerability report detailing any of the vulnerabilities it has found.
     Graphic: Sectigo HackerGuardian scan window
  5. Select Go to Scan Results.
  6. You will be sent to a page with each vulnerability the scan found, as well as filters to help you sort through them.
     Graphic: Sectigo HackerGuardian scan results page
  7. Each vulnerability will be ranked by severity. Clicking on it will provide verified solutions from Sectigo’s team of experts.
  8. Follow that advice. Fix each vulnerability.
  9. Run the scan again.
     Graphic: Sectigo HackerGuardian ASV scan tool
  10. Provided it passes, select the Go to Compliance option.
      Graphic: Sectigo HackerGuardian scan window
  11. Follow the instructions to submit your report.

That’s it. Now that you’ve seen how simple and straightforward the process can be with the right tool, try it for yourself.
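To confirm that the trusted-IP entry and the in-scope asset list from the first two steps took effect, a firewall log from the scan window can be checked for dropped scanner connections and for in-scope assets the scanner never reached. The Python below is an added example, not part of HackerGuardian or the original article; the log layout, the `audit_scanner_traffic` name and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import re

# Scanner source range quoted in step 1 of the page.
SCANNER_NET = ipaddress.ip_network("64.39.96.0/20")
# Assumed (hypothetical) log layout: "<ts> action=<verb> src=<ip> dst=<ip> dport=<n>"
LINE_RE = re.compile(
    r"action=(?P<action>\w+)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+dport=(?P<dport>\d+)"
)

# Constructed sample data; documentation address ranges stand in for real assets.
IN_SCOPE = ["203.0.113.10", "203.0.113.11", "203.0.113.12", "198.51.100.0/30"]
SAMPLE_LOG = """\
2024-01-10T02:00:01Z action=allow src=64.39.96.15 dst=203.0.113.10 dport=443
2024-01-10T02:00:02Z action=deny src=64.39.111.200 dst=203.0.113.11 dport=22
2024-01-10T02:00:03Z action=deny src=64.39.112.1 dst=203.0.113.10 dport=443
2024-01-10T02:00:04Z action=deny src=192.0.2.77 dst=203.0.113.11 dport=22
2024-01-10T02:00:05Z action=allow src=64.39.100.9 dst=198.51.100.2 dport=80
2024-01-10T02:00:06Z malformed line without fields
"""


def audit_scanner_traffic(log_text, in_scope):
    """Return (blocked, unseen): denied scanner ports per in-scope address,
    and in-scope entries that received no scanner traffic at all."""
    scope = [ipaddress.ip_network(s, strict=False) for s in in_scope]
    blocked, seen = {}, set()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that do not match the assumed layout
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # skip unparseable addresses
        hit = next((n for n in scope if dst in n), None)
        if src not in SCANNER_NET or hit is None:
            continue  # not scanner traffic, or destination is out of scope
        seen.add(hit)
        if m["action"].lower() in ("deny", "drop", "block"):
            blocked.setdefault(str(dst), set()).add(int(m["dport"]))
    unseen = [str(n) for n in scope if n not in seen]
    return {k: sorted(v) for k, v in blocked.items()}, unseen
```

A non-empty `blocked` result means the perimeter is still dropping scanner traffic, and an entry in `unseen` means an in-scope asset was not reached during the logged window.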
