Step 4: Finding a PCI DSS Approved Scanning Vendor (ASV)

Do You Need an ASV?

In order to meet the quarterly network scanning requirements, merchants and service providers with a Level of 1, 2, 3, 4, need an ASV to facilitate the scanning.

Any merchant or service provider with annual transactions totaling 10,000 or more is required to have a quarterly network system scan.

According to the PCI Security Standards Council, the MasterCard ASV program was terminated on or about October 7, 2006, and Visa International's QSA certification program transitioned from October to December 2006 to revert to the PCI SSC's guidelines and ASV lists.

Currently, the PCI Security Standards Council administers all ASV contracts, and the PCI SSC also trains and certifies ASVs.

All scans must be conducted by an ASV and are required to conduct scans in accordance with the "Technical and Operational Requirements for Approved Scanning Vendors (ASVs)" procedures.

The main points of the technical and operational requirements for ASVs are as follows:

• The normal customer environment is not to be impacted.
• The ASV should never penetrate or alter the customer environment.

Suggested Links:

• https://www.pcisecuritystandards.org/pdfs/asv_report.html
• https://www.pcisecuritystandards.org/pdfs/pci_dss_
  validation_requirements_for_approved_scanning_vendors_ASVs_v1-1.pdf
• https://www.pcisecuritystandards.org/pdfs/pci_dss_technical_and_operational
  _requirements_for_approved_scanning_vendors_ASVs_v1-1.pdf

                    

Print this page

Send this page to a friend

PCI DSS: 5 Guidelines for Gaining PCI Compliance Step 1: An Introduction to PCI Compliance PCI Compliance Introduction Who Put the DSS in PCI? Step 2: Finding The PCI DSS Merchant, Service and Compliance Level Should Your Organization be Concerned about PCI Compliance? PCI DSS: The Visa CISP Program MasterCard SDA Program Defining Merchant Validation Levels Level 4 Merchant Compliance Visa PCI CAP Program Defining Service Provider Validation Levels Acquirer Responsibility Calculating Merchant Transactions PCI DSS: Visa and MasterCard Quick Reference Guide Step 3: Attaining PCI DSS Compliance-Merchant Security Audits: 12 Requirements Build and Maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Management Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Step 4: Finding a PCI DSS Approved Scanning Vendor (ASV) Do You Need an ASV? Merchant and Service Provider Scanning Requirements Compliance Reporting Visa and Compliance Reporting MasterCard and Compliance Reporting Step 5: Completing the PCI DSS Self Questionnaire Completing the PCI DSS Self Questionnaire PCI Compliance Polls Are you currently PCI Compliant? Yes No Working towards compliance Why are you looking at PCI Compliance Required By Credit Card Processor Required By Bank Want to meet industry standards Looking to secure network What merchant level do you fall under for PCI Compliance? Level 1 Level 2 Level 3 Level 4 I have no idea View PCI Merchant Level Results View All PCI Compliance Poll Results EV SSL Certificate Guide Sponsored Listing: