PCI / Vulnerability Scanning Service
Deployment options:   Physical appliance   •   Virtual appliance

The ProtectPoint™ vulnerability scanning service finds, assesses, and reports on vulnerabilities present on your network infrastructure and endpoints. Through its regularly scheduled and automated scanning process, our vulnerability scanning service identifies vulnerabilities present on your critical assets, like web servers, financial systems, network infrastructure, and endpoints.

We offer two managed vulnerability scanning options:

  1. External PCI scanning using an ASV-certified process
  2. Comprehensive internal / external scanning program
These options are presented in more detail below and in the graphic at right. All scan results are organized by IP address, allowing you to focus on remediation priorities. You access all vulnerability reports through our secure RADAR™ customer portal, shown in Figure 1 below.

External PCI scanning service

  • PCI Approved Scanning Vendor (ASV) certified scanning
  • Covers PCI Requirements 4, 6, and 11
  • Scanning regime run quarterly
  • Includes two re-scanning cycles after implementation of remediation measures
  • Detailed compliance reporting in easy-to-understand format
  • Focused on external PCI environment
  • Optional post-scan consultations available

PCI post-scan consulting

  • Expert understanding of PCI requirements
  • Expert knowledge of security applications / techniques for achieving compliance
  • Cost-effective, secure issue resolution
  • 2-hour consultation session
  • Scan results analysis and interpretation
  • Client Q&A
  • Action plan / roadmap for compliance
  • Re-scan oversight, results interpretation

Internal / external vulnerability scanning

  • Systematic scanning (i.e., Intelliscan™): applies only scans appropriate for device (based on device fingerprint)
  • Automated, scheduled scanning with hourly, daily, weekly, and monthly options
  • On-demand scanning available via request to ProtectPoint Security Operations Center
  • Industry-leading support for the following local checks: Linux, Solaris, Windows, Redhat
  • Non-intrusive device scanning
  • Fingerprints OS, available hosts, services (i.e., ports), and applications
  • Identifies 1000+ distinct OSs and OS variations
  • Multiple methods to determine live IPs
  • 18,000+ rule set (continually expanding)
  • Rule set consolidated from multiple sources: StillSecure® Security Alert Team™ (SAT), Open source, GPL
  • New rules automatically incorporated into existing scan policies

Correlating attacks with vulnerabilities

When combined with our managed intrusion detection/prevention service, ProtectPoint's vulnerability scanning service correlates incoming attacks with devices that are potentially in a vulnerable state, allowing our security analysts to take immediate, priority action to ensure damage does not occur (see Figure 2). This allows organizations with limited IT resources to breathe easy, knowing that attacks aimed at their network's weakest links are identified and blocked in real time.



RADAR customer portal»
ProtectPoint support »
Services brochure »
PCI Compliance overview »
PartnerVision portal »
Contact StillSecure »