Internal Vulnerability Scanning

1 Stop PCI Scan recognizes that the PCI DSS uses a “defense-in-depth” approach to promoting PCI compliance.  True PCI compliance involves more than just quarterly external PCI scanning.  Quarterly internal vulnerability scanning is also a requirement for almost all businesses.

Further detail is found in section 11 of the PCI DSS, where the document enumerates the requirements businesses need to fulfill in order to properly handle their PCI compliance.  Section 11.2 of the PCI DSS v3 reads:

“Run internal and external network vulnerability scans at least quarterly and after any significant change in the network (such as new system component installations, changes in network topology, firewall rule modifications, product upgrades).”

1 Stop PCI Scan offers internal vulnerability scanning at a low cost.  The pricing for internal vulnerability scanning cannot be described in a standard rate that applies to all customers.  In comparison to external PCI scanning, there are more variables involved in the internal scanning process. Interested customers should contact 1 Stop PCI Scan for more information and customized pricing.