How to Run a PCI Internal Vulnerability Scan


The Payment Card Industry Data Security Standards (PCI DSS) are extremely clear about their vulnerability scanning requirements, both for a PCI internal vulnerability scan and an external one. Any organization that accepts payment cards is required to scan its network regularly. Specifically, that means it needs to:

  • Scan quarterly;
  • Use an approved PCI ASV scanning vendor;
  • Scan internally and externally;
  • Remediate any issues the scans discover; and
  • Submit reports to its acquiring bank.

That may seem like a lot, but with the right tools, it’s really not. In fact, it’s quite easy if you’re using the Sectigo HackerGuardian PCI scanner, which provides guidance on how to perform both the PCI internal vulnerability scan and the external scan to stay compliant.

What is Sectigo HackerGuardian?

HackerGuardian is a PCI compliance and vulnerability scanner powered by Qualys. It not only handles both the external and internal PCI scans for vulnerabilities that you need to perform, but it also provides instructions on how to remediate them.  

HackerGuardian is available at three levels: Standard, Enterprise and HackerProof. It can scan both internally and externally, up to five different IP addresses (additional IP address packs are available as needed). It does EVERYTHING.

It scans your network and produces actionable reports with instructions on how to remediate any vulnerabilities it finds. It also creates ready-to-submit reports that cover what it’s found, what you’ve done to fix it and that your network is secure.

All you have to do is click a few buttons. Seriously.

But what buttons? Let’s talk about how to perform an internal vulnerability scan to monitor your networks and stay compliant.

How to Perform a PCI Internal Vulnerability Scan

First of all, to run an internal PCI scan, you’ll need to purchase Sectigo’s HackerGuardian PCI Scanner. Here’s the good news: Despite how powerful it is, it’s still the cheapest scanner on the market. And we sell it for even less than Sectigo does if you were to buy it directly from them! A lot less, in fact. We guarantee it. In fact, if you find Sectigo HackerGuardian for sale anywhere else and the price is lower, just show us and we’ll match it. That’s our low-price guarantee.

Now on to the fun part. Let’s talk about how to perform your first internal vulnerability scan:

  1. Run a scan using the Initial Options Defaults profile.
Graphic: PCI internal vulnerability scan
  2. Run a report using the PCI scan report template. Just make sure to enable Custom Risk Ranking.
Graphic: PCI internal vulnerability scan window
  3. The scan will return a list of vulnerabilities. You can click on each one, and it will provide remediation solutions from Sectigo’s experts.
Graphic: List of vulnerabilities detected by Sectigo HackerGuardian PCI scanner
  4. Remediate each vulnerability, then re-scan.
Graphic: Sectigo Hacker Guardian
  5. Once this process is complete, run a report using the PCI scan report template again. Then, follow the instructions to submit your report.

That’s it. As you can see, staying compliant with PCI DSS doesn’t have to be a headache when it comes to running a PCI internal vulnerability scan. It can be very simple when you have the right tool at your disposal.  

Save 67% on PCI ASV Scanning

Stay compliant with Sectigo’s HackerGuardian PCI Scanner for only $81.90/year.
