PCI DSS "Internal vulnerability scan"

    For the first time ever, my PCI DSS compliance process (Trustwave) has told me I need to have quarterly internal vulnerability scans. It seems there are lots of companies out there offering this service (I'm a one-man band so don't qualify for the "qualified employee not involved with the security settings" DIY option). They've also insisted that I have my IP address scanned, but at least they do that themselves for free. Still waiting on the results.

    Can anyone provide any advice on a safe/reliable/competent company to use for my internal scans?
    The Patchwork Rabbit

    #2
    Ah, it seems that Trustwave has its own internal checks (Trustkeeper Agent) you can use which seems to satisfy them.
    The Patchwork Rabbit


      #3
      How do you take payments?
      Why do you need to have PCI DSS checks?


        #4
        If you ever take card details over the phone and process them using an online system then you enter the sphere of PCI-DSS.

        Mike
        -----------------------------------------

        First Tackle - Fly Fishing and Game Angling

        -----------------------------------------


          #5
          Sorry I didn't reply sooner. I wasn't expecting a response lol

          I'm taking payments exactly the same way I've been doing for several years all while passing PCI-DSS compliance "self assessment" with flying colours. It seems that only this year I need a vulnerability scan. But, it's all OK because I can use Trustkeeper for free.
          The Patchwork Rabbit
