Posts Categorized: ASV scanning And Self Assessment

PCI Self Assessment Pack

"In depth understanding of PCI, very responsive and services at a great price." Chief Technical Officer - Secret Escapes Supporting You Right Through To Successful PCI Self Assessment Where to start? What must I complete to show my company is PCI compliant? Will we be fined for not being compliant? What needs to be scanned?... Read more »

ASV Scan Responsibilities

Approved Scanning Vendor

The ASV Program Guide describes the various responsibilities for all parties involved in the PCI ASV Scanning process. There are a number of parties, but here we’re just concentrating on two. They are the scan customer (you) and the Approved Scanning Vendor (Ambersail). The following text is taken from the official ASV program guide, which… Read more »

PCI: Your eCommerce Web Sites Are In Scope

“Essentially, all merchant eCommerce sites that previously escaped mandatory security assessment can no longer be overlooked.” We now anticipate that many small merchants will find their web sites in scope for PCI compliance under PCI DSS v3. We wrote earlier this year concerning the potential for scope changes brought about by PCI DSS v3. Now that the official v3 SAQ documents… Read more »

10 Ways To Fail Your ASV Scan

“We know that there’s nothing more frustrating than getting a failure mark on your quarterly scan report.”   But did you know there are 10 reasons why you would automatically fail should the scan make any of the following findings? Operating system versions no longer supported by the vendor. Windows 2000, older Linux distributions. Unsupported,… Read more »

Security & The Short Road To Legacy Systems

“Information security means working with how things are, rather than how you want them to be.”     We’ve all heard the apocryphal tale about the lost traveler asking for directions in a remote country village. You know the one: our traveler is hopelessly lost, the streets are empty. Just as his frustration seems complete, an elderly… Read more »

Payment Cards are Dead. Long Live Payment Cards.

PCI DSS compliance logo credit cards

Any payment technology analyst will tell you that the payments market has exploded over the last few years. An explosion sounds great, but it also suggest fragmentation. Which is another way of saying that the customer has a confusing array of choices. Not that confusion is anything new. Everyone has, at some point, fumbled through a stack… Read more »