Your Quick Guide to PCI Scanning Success

July 9, 2018 • Published Categories PCI 101Tags , ,
PCI Scanning ASV

An ongoing requirement of the PCI compliance process involves having your payment card environment scanned for security vulnerabilities. For most businesses, PCI scanning must be conducted by an Approved Scanning Vendor (ASV) at least quarterly, as well as following any major change to your environment. … Read more

PCI QIR Program Update Tackles Most Pressing Payment Security Threats

March 16, 2018 • Published Categories Industry TopicsTags , ,
PCI QIR program update

What’s new at the PCI Council? The PCI Council has come out with their long-awaited changes to the Qualified Integrators & Resellers (QIR) program. The PCI QIR program was launched in 2012 to ensure that payment systems integrators and resellers know how to support a … Read more

Acquirers: Are Your Smallest Merchants the Biggest Risk?

January 19, 2018 • Published Categories Acquirer ProgramsTags , ,
Acquirers: Are Your Smallest Merchants the Biggest Risk?

High-risk payment acceptance is everywhere. A recent payment experience at my local dry cleaners caused me some alarm, so much so that I described it in detail on LinkedIn: Without any real forethought I pulled out my debit card. Maybe it was the knowledge that … Read more

Why ASV Whitelisting is Both Normal and Essential for a Successful PCI Vulnerability Scan

October 30, 2017 • Published Categories PCI 101Tags ,
Is ASV whitelisting “cheating”?

“Why am I being asked to whitelist ControlScan’s IP address as part of your ASV service? Doesn’t bypassing my IPS defeat the purpose of a PCI vulnerability scan?” ASV whitelisting is one of the most common questions our Vulnerability Management team receives, so let’s dive … Read more

Why Penetration Tests are Critical for Accurately Assessing Security Risk

October 10, 2017 • Published Categories Best PracticesTags ,
Penetration tests look for vulnerabilities within various endpoints

How do you conduct your IT risk assessments? In a recent ControlScan customer survey, we asked IT leaders about risk assessments. Specifically, we wanted to know how often businesses are conducting them, as well as if they are doing so formally by using an external … Read more