Streamline compliance and mitigate vulnerabilities
As a PCI SSC Approved Scanning Vendor (ASV), AT&T Cybersecurity and its experienced consultants help organizations of all sizes understand potential network exposures in on-premises or multi-cloud environments and streamline adherence to PCI DSS requirement 11.2.
Here are a few of the ways we help you:
- Scope & schedule for scans - Establish the proper scope for your objectives, PCI scan targets, and scan schedules
- Lightweight scanning - scan external systems and applications, with nothing to install in your environment
- Centralized scans & reports - provide one web portal to manage your scheduled scans, retries, and reporting
- Remediation guidance - deliver customized guidance for vulnerability prioritization and remediation
- Document vulnerability patching - validate and document vulnerability patching
- Attestation of compliance - complete attestations required for PCI DSS when a clean scan is achieved
People, process, and technology
Meet PCI DSS scan requirements
Rapidly scan systems and applications to help prepare for your PCI vulnerability scan requirement using the AT&T External Vulnerability Scanning Service. Scan all internet-facing networks and systems to identify vulnerabilities and security weaknesses, with less than one percent false positive rate.
Automate quarterly ASV network scans
Provide for continuous compliance by automatically scheduling quarterly ASV network vulnerability scans. And, scan as needed per network changes, such as new system component installations, changes in network topology, firewall rule modifications, or product upgrades.
Document vulnerability patching
Show that you have identified and remediated high risk vulnerabilities in a timely manner and are mitigating the ongoing risks of medium- and low-severity vulnerabilities that could potentially be exploited in the future.
Improve vulnerability management
Help to simplify and accelerate internal policy and regulatory compliance adherence by consulting an AT&T industry expert with who can provide guidance on meeting corporate security policies and cybersecurity regulations.
Work with security experts
Work closely with an experienced AT&T consultant to establish the proper scope for your objectives and PCI scan targets. During the scan and re-scan process, your advisor provides for alignment with scanning timeframes and target scope. Receive attestation report when a clean scan is achieved.
Scan web applications
Quickly identify critical vulnerabilities and common misconfigurations by performing extensive testing of web applications against industry best practices. Help provide that custom-built, in house, and commercial web apps are built and maintained securely.
Centralize ASV scan reports
Quickly view vulnerability scan results and analyze data to report on your network’s security posture and plan for mitigation of risks. Easily access your ASV Scan Report Executive Summary (report follows the PCI Approved Scanning Vendor Program Guide.)
Manage PCI ASV scan costs
Select the solution that meets your requirements and budget. Choose from annual service options for quarterly or on-demand scanning, based on your network’s size and organization’s scan needs.