Skip to main content
ASV - Approved Scanning Vendor for PCI

ASV - Approved Scanning Vendor for PCI

CYBERSECURITY DICTIONARY

ASV - Approved Scanning Vendor for PCI

An ASV is an organization deploying security services and tools (sometimes called an ASV scan solution) to conduct external vulnerability scanning services to validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2.

The scanning vendor’s ASV scan solution gets tested and approved by the PCI Security Standards Council (PCI-SCC) before being added to its list of Approved Scanning Vendors. For a company to be approved they must first become a legal entity and fulfill all requirements to conduct business. Next, they have to go through a registration process with the PCI SSC that consists of reviewing the ASVs program guide, register for the testing, and provide administrative information and technical details by submitting an attestation of compliance. The application is reviewed by the Council and either accepted or denied for testing

ASVs often perform an external vulnerability scan of an organization’s network or website from the outside looking inward. In addition to determining if it is PCI compliant, these scans from service providers can provide insight into any data security changes that need to be made.

Seeking Clarity?

View the Cybersecurity Dictionary for top terms searched by your peers.

Explore the Dictionary

RELATED ASSETS

October 19, 2017

PCI Compliance Every Day – Requirement 11

The most widely known requirements in PCI DSS 3.2 section 11 with a timing implication are the quarterly external and internal vulnerability scans (11...

See Details

October 29, 2018

Leveraging Risk Strategy to Move Beyond Check-Box PCI Compliance

Merchants often put compliance spending at the top of their list for budgeting purposes because the consequences of non-compliance can be expensive. F...

See Details

October 22, 2018

PCI Compliance Does Not Always Equal Security

Learn how a risk-centric approach can be applied to each PCI requirement.

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.