Why ASV Whitelisting is Both Normal and Essential for a Successful PCI Vulnerability Scan

October 30, 2017 • Published Categories PCI 101Tags ,
Is ASV whitelisting “cheating”?

“Why am I being asked to whitelist ControlScan’s IP address as part of your ASV service? Doesn’t bypassing my IPS defeat the purpose of a PCI vulnerability scan?” ASV whitelisting is one of the most common questions our Vulnerability Management team receives, so let’s dive … Read more

Why Penetration Tests are Critical for Accurately Assessing Security Risk

October 10, 2017 • Published Categories Best PracticesTags ,
Penetration tests look for vulnerabilities within various endpoints

How do you conduct your IT risk assessments? In a recent ControlScan customer survey, we asked IT leaders about risk assessments. Specifically, we wanted to know how often businesses are conducting them, as well as if they are doing so formally by using an external … Read more

PCI Risk Brings New PCI Service Provider Requirements Impacting ISOs

September 14, 2017 • Published Categories Industry TopicsTags ,

Independent Sales Organizations (ISOs) have risky business to attend to. In the payments ecosystem, ISO businesses have a lot going for them. The recurring revenue model for ISOs is alive and well, and many have found success by specializing in specific market niches. Sure, being … Read more