SureCloud, a supplier of cloud-based governance, risk and compliance (GRC) solutions and security services, has been certified as a PCI DSS compliant approved scanning vendor (ASV) for the 10th year running.
The Payment Card Industry (PCI) Security Standard Council (SSC) require all approved scanning vendors (ASVs) to re-qualify annually by undergoing a validation process. This requires SureCloud to demonstrate the capabilities of its ASV toolset by achieving a certain ratio of ‘detection’ of vulnerabilities against a test environment. The assessment also involves an audit of processes, vulnerability detection, reporting and client procedures.
Luke Potter, Cybersecurity Practice Director at SureCloud, said: “PCI DSS is one of the regulatory frameworks that many organisations need help in achieving compliance with, as they are a complex set of requirements. Depending on the client’s merchant level, one of those requirements is needing to run quarterly external scans from an ASV.
“As we’ve streamlined the whole process it is critical that we maintain our ASV accreditation – not only to ensure we can drive further growth in this area but also to give our existing customers peace of mind that our solutions and processes are delivering exceptionally high vulnerability detection rates. As such we are delighted to have received the accreditation for the 10th year running.”
SureCloud enables clients to manage, schedule and run their PCI scans using SureCloud’s PCI ASV Scan Manager application, allowing the quick assessment of results, obtaining reports and re-scanning until an overall ‘compliant’ state is reached. The client can review vulnerability detail, submit vulnerabilities for false positive/compensating control review and gain access to SureCloud’s expert security services team through its innovative cloud-based Platform.
SureCloud’s PCI ASV solutions help organisations meet PCI Requirement 11.2.2, enabling businesses to achieve faster certification, reduced audit costs, reduced risk and ongoing compliance.