Services

ASV Security Scan

The payment card industry (PCI) standard requires remote security testing of a merchant’s Internet presence by an Approved Scanning Vendor (ASV). The ASV security scan passively probes hosts, via the Internet, that require remote auditing for PCI compliance.

Integralis is an expert ASV with a proven track record of success. Our experience includes extensive penetration testing, vulnerability identification and analysis, and remediation strategy development.

This service combines security experts with best-of-breed scanning technology to identify real and potential vulnerabilities in Internet facing systems such as routers, firewalls, web servers and email servers. It also identifies vulnerabilities that may exist as a result of misconfigurations and that may be inherent to commercially released operating systems and applications and could result in unauthorized access to the internal network and infrastructure components.

We employ a combination of leading test tools combined with expert detailed manual analysis of results for both network security and Internet security scans. Our attention to detail minimizes the risk of false positives and reporting of erroneous vulnerabilities.

As a result of an Integralis ASV Security Scan, you gain insight into your PCI compliance status. Once complete, we provide you with a comprehensive customized and actionable report that includes:

  • Identification of hosts
  • Detailed analysis of the overall security risks within the scanned network
    • Operating system vulnerabilities
    • Application vulnerabilities
  • Reconfiguration recommendations
  • Fixes
  • Remediation prioritization
  • Common industry references
  • Infrastructure compliance status

With this understanding, you can implement prioritized and proactive security measures that address vulnerabilities before a breach can occur or Integralis consulting services are available to assist you in remediation.

Our comprehensive ASV Security Scan service tests for vulnerabilities across a broad spectrum of categories. Within each category, we perform a number of distinct tests. This service can be delivered on an as needed or quarterly basis as required for compliance.