Join A Leader In

ASV Vulnerability
Scanning Services

Our ASV (Approved Scanning Vendor) vulnerability scanning service is an automated process which validates the security of your internet facing systems and web applications. Throughout this process, Vectra will scan for weaknesses in your data security. Vectra’s ASV security services are conducted through our partner SecurityMetrics. Quarterly ASV vulnerability scanning of internet facing systems is a requirement to maintain PCI DSS compliance for most businesses and organisation’s providing card payment services. Even if it’s not a PCI DSS requirement for you, regular scanning is also a good cyber security practice.

Get in Touch

Learn More

What is an ASV?

ASV stands for Approved Scanning Vendor. It is a designation given by the Payment Card Industry Security Standards Council (PCI SSC) to organisations that have been qualified to validate adherence to certain PCI DSS compliance requirements by performing vulnerability scans of merchants and service providers. ASVs have proven their capability to offer high-quality, consistent vulnerability scanning services that align with the PCI DSS.

Engaging with an ASV ensures that your organisation’s external-facing systems are routinely checked for vulnerabilities.

What is ASV Scanning?

ASV Scanning refers to the vulnerability scanning process carried out by an Approved Scanning Vendor. The primary purpose of this scan is to identify vulnerabilities in the external-facing systems and networks of businesses and organisations that could be exploited by malicious entities. These scans are an essential component of the PCI DSS compliance process for many.

Features of ASV Scanning:

- Scope Determination: The process begins by determining which systems are in scope for PCI DSS. Typically, these are the systems that are involved in the storage, processing, or transmission of cardholder data.
- Regular Scans: ASV Scans are typically conducted on a quarterly basis, but can also be performed after any significant change to the network.
- Detailed Reports: After each scan, the ASV provides a detailed report outlining any vulnerabilities discovered, their severity, and recommendations for remediation.
- Pass/Fail Criteria: For the sake of PCI DSS compliance, the scanned entity must not have any vulnerabilities rated 4.0 or higher (on the CVSS scale) that are not mitigated. If such vulnerabilities are present, the entity will need to address them and then undergo a rescan.
- Continuous Improvement: ASV scanning isn’t a one-off process. The cyber security landscape is constantly evolving, and new vulnerabilities are discovered frequently. Regular scanning ensures that organisations can stay ahead of potential threats.

ASV scanning is an invaluable tool in the cyber security arsenal of any organisation that deals with cardholder data. It provides assurance that external-facing systems have been checked against known vulnerabilities and helps in maintaining a robust security posture.

ASV Scanning Portal

Vectra’s ASV Vulnerability Scanning Service is accessed by a web-based scanning portal. The portal allows a business or organisation to easily configure automated quarterly scans as required by PCI DSS requirement 11.2.2. It also allows for scans to be run on an ad-hoc basis when required.

The portal provides easy access to the latest scan results and keeps all historical scan reports.

Vectra’s ASV Scanning Portal also provides an interface to facilitate investigation and resolution of any false positives.

ASV Scan Reports

The detailed reports provided as part of our ASV services are available for download on the portal.

These scans are comprehensive and will:

Identify security weaknesses
Provide a risk rating
Remediation advice

ASV Service Desk

Our ASV scanning service is supported by a local Australian based Service Desk. Our ASV Service Team are able to provide technical support and remote administration of the service plus track and monitor any disputed scan results.

Request more information about our ASV scanning services

Get in Touch

Send an ASV Vulnerability Scanning Enquiry

Complete the form below and our ASV Team will be in touch to discuss your scanning requirements.

ASV Scanning Contact Form

Organisation Name *

Your Name *

Contact Telephone *

Contact Email *

Pre-Contact Questions (Optional)

To help us better understand your enquiry we have put together an optional set of questions for you to answer. You may answer as many of the questions as possible based on your current knowledge.

Are you a merchant or service provider?

Merchant Information

What is your merchant service level?

Your bank should be able to tell you, however if you are unsure or unable to check, choose the corresponding number of transactions.

What payment channels do you use?

eCommerce

EFTPOS

Card not present

Who is your acquiring bank?

Service Provider Information

What is your service provider level?

Have you ever been compromised?

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

ASV VulnerabilityScanning Services