„You can't manage what you don't measure” - Peter Drucker


Merchants and related service providers must accept and/or process credit cards to meet their revenue goals. This requires authorization based in part on passing a quarterly PCI DSS ASV assessment, which is conducted by an approved scanning vendor (ASV).

Skontaktuj się

Tenable ASV, approved by the Payment Card Industry Security Standards Council (PCI SSC), performs external vulnerability scanning of a merchant or vendor's network. Tenable PCI ASV, an add-on to Tenable Vulnerability Management streamlines verification of compliance with the PCI data security standard. With pre-configured scan templates and a powerful dispute resolution process, you can quickly run scans, submit attestation requests and resolve disputes.

Key Benefits

Use of Tenable Vulnerability Management

Tenable Vulnerability Management provides a number of applications to solve the toughest security challenges, such as vulnerability management, container security and web application scanning

Improves PCI ASV attestation

Helps meet quarterly PCI ASV scanning requirements with minimal impact on staff resources

Increases confidence with comprehensive vulnerability scanning

Built on Tenable's leading Nessus technology, which provides fast and accurate scans with the industry's broadest range of assets and vulnerabilities

Key Capabilities

Convenient scanning

Tenable Vulnerability Management includes pre-configured templates for quarterly PCI scans that provide accurate vulnerability assessments of external PCI resources. The templates allow you to scan resources at your organization's convenience. If necessary, resources with unsuccessful results can be easily rescanned until the result is ready for review.

Effective error removal

If one or more resources are erroneously included in the scan, you can quickly mark them as "out of scope." If a resource in scope contains medium to high security vulnerabilities, an intuitive workflow guides you through the dispute process. Disputes can be assigned to those best qualified to provide the relevant information, provide a reason why the vulnerability should be ignored, and include documentation as proof of the dispute. To further streamline remediation efforts, you can create aggregate failure disputes and provide a single reason/supporting evidence covering potentially hundreds of failures. In addition, disputes already submitted and accepted in previous quarters can be reused

Continuous visibility

After sending a scan to Tenable for review by ASV, you can see the current status of the attestation request. Each dispute is marked as unassessed, assessed, passed, failed and additional information requested. If additional information is needed, the user will be notified via email. When all disputes are passed, the ASV request will be marked as passed

Complete reporting

Once the ASV review is complete, a number of reports can be exported, including an executive summary, detailed report and ASV Scan Report Attestation of Scan Compliance, and a report that can be sent to your clearing agent and/or participating payment brands

Are you interested in our product or service?

Please contact us