Service detail
- Ongoing external scanning services, including vulnerability assessments and professional interpretation of scan results against PCI DSS requirements, plus expert recommendations for gaining compliance.
- All external network scans are evaluated by a QSA (Qualified Security Assessor)
- QSA or client initiated vulnerability scans of external, public facing host IP's.
- Provides executive report, technical report and documentation of findings including "failures"
- Assistance with the analysis of any perceived "false positives"
- IBM offers secure access to its online PCI scanning portal, management of scan activities, collaboration with IBM PCI QSA and automated reporting functionality.
- Subscription based
Highlights
- Achieves annual PCI DSS compliance requirements for Level 1 clients who are required to submit quarterly scan results to their acquiring institution.
- Enables business-aligned security controls to help manage regulatory compliance and look for compensating controls wherever possible.
- Helps reduce potential costs and complexity of security of non-compliance by providing guidance of the PCI latest requirements.
