ASV SERVICES

Nettitude is a PCI Approved Scanning Vendor (PCI ASV).

As part of the PCI Data Security Standard, requirement 11.2 mandates organisations to undertake quarterly vulnerability scans by an Approved Scanning Vendor (ASV) of all internet facing assets. Nettitude offer two flexible solutions: Self-Service ASV Services and Managed ASV Scanning.

There are many benefits to conducting ASV scans with Nettitude. We have the best qualified ASV consultants on hand to run with your project, using the best tools for the job. Nettitude also provides real world remediation advice and guidance should a failed scan occur. To find out more, fill in a contact form and a member of the team will be happy to talk you through the ASV services we provide.

Request a free quote

CREST, PCI, NCSC

Self Service ASV Services

If you prefer the flexibility of being able to conduct your own ASV scans you can use our self-service portal powered by Qualys to scan, attest and generate your Quarterly ASV report. In addition to conducting scans once per quarter the service allows you to scan the same assets on-demand daily, weekly or on a more ad-hoc basis.

Nettitude’s ASV self-service portal allows for both infrastructure and web application vulnerability assessments to be conducted in unison. The solution has been fully approved for PCI ASV scanning across all geographies.

Once the scan has been conducted the client submits them to Nettitude’s qualified ASV consultants for attestation, and the process of raising any false positive disputes is done seamlessly all through the portal.

Managed ASV Scanning

Nettitude’s managed ASV scanning takes the headache out of the ASV process. If Nettitude identify any issues within your internet facing infrastructure our team provide guidance over the phone to help remediate the issues. Nettitude work as an extension of your security team to help you obtain and maintain PCI compliance.

One of the biggest concerns of any automated vulnerability assessment service is false positives. Although Nettitude is able to provide an automated approach for ASV scanning with an exceedingly high rate of accuracy.

The benefits of Managed ASV engagements are:

  • Nettitude’s qualified ASV consultants manage and schedule all quarterly scans
  • Nettitude uses an array of tools & manual testing to meet the PCI SSC ASV program baseline requirements that go beyond services offered by purely automated tools
  • Nettitude manually validates all vulnerabilities, working with the client to establish any false positives before the report is generated
  • In cases of failing scans Nettitude provides real world remediation advice and guidance to help customers achieve compliance