External PCI ASV
PCI DSS REQUIREMENT 11.2
Run internal and external network vulnerability scans at least quarterly and after any significant change in the network (such as new system component installations, changes in network topology, firewall rule modifications, product upgrades).
There are three types of vulnerability scanning required for PCI DSS:
Internal quarterly vulnerability scanning by qualified personnel (use of a PCI SSC Approved Scanning Vendor (ASV) is not required)
External quarterly vulnerability scanning, which must be performed by an ASV
Internal and external scanning as needed after significant changes
Please contact us for a quote