PCI-DSS requirement 11.2: “Run internal and external network vulnerability scans at least quarterly and after any significant change in the network. Quarterly external scans must be performed by an Approved Scanning Vendor (ASV).”
As a qualified ASV (approved by the PCI Security Standards Council), MegaplanIT’s goal is to assist merchants and service providers in meeting PCI-DSS requirement 11.2. MegaplanIT performs network scans to assess vulnerabilities and offers remediation assistance and recommendations to help organizations achieve a quarterly Attestation of Scanning Compliance as required by the Data Security Standard.
MegaplanIT has over 15 years of experience providing IT Security and Compliance services across a variety of industries ranging from small businesses to Fortune 100 companies. Our expertise and the unmatched level of support we offer our clients make us the top choice for securing your company's IT environment and protecting your organization from data loss or theft.
We believe in building long-term, trust-based relationships with our clients, which is why our team goes the extra mile to guide clients through their assessments and provide support whenever it’s needed—we will never leave you hanging.
Our excellent reputation has been built one customer at a time, on a foundation of unparalleled customer service, lasting client relationships, and word-of-mouth recommendations. Nothing is more rewarding to us than hearing from satisfied customers who appreciate our expertise and hands-on approach, so please share your experience with us!
MegaplanIT's Vulnerability Scanning service unfolds over a number of phases. Breaking the process down allows our specialists to use information gathered along the way to improve the final vulnerability assessment and results in a deeper level of security because it allows us to locate entry points and vulnerability sources that might otherwise be missed.
Levels 1 through 4 Merchants and Service Providers are required to perform external vulnerability scanning on a quarterly basis.
A MegaplanIT security consultant will begin by identifying all external facing IPs that are in scope for vulnerability scanning.
Our consultant will coordinate with your team to schedule scanning activities. Your productivity is a priority, which is why we make sure our assessments never interfere with your organization’s workflow.
Once the external ASV scans are complete, the MegaplanIT consultant will review scan results internally to ensure accuracy.
If any vulnerability exists, the MegaplanIT consultant will offer customized remediation consulting and perform retesting (if necessary).
Once your organization has passed the ASV scan, MegaplanIT will issue an Attestation of Scanning for submission to acquirers, processors, gateways, and other PCI stakeholders. We also provide detailed Technical Reports, including an Executive Summary, for your information and records.