"The only real security that a man can have in this world is a reserve of knowledge, experience and ability."
Henry Ford

WHAT?

Internal vulnerability scanning is a set of conscious actions aiming to define, identify, and classify the vulnerabilities in an organization's IT infrastructure, conducted from inside the network on all internal-facing hosts that are in scope of the company's PCI DSS assessment.

WHY?

Internal vulnerability scanning is necessary for PCI DSS certification (requirement 11.2.1), which stipulates that:

  • Scanning is performed quarterly and after significant changes to your environment.
  • All “high risk” vulnerabilities are resolved in accordance with your vulnerability ranking.
  • Highest priority should be given to vulnerabilities with the highest risk.
  • The scans must be performed by qualified personnel.

HOW TO ENGAGE IN INTERNAL VULNERABILITY SCANNING?

Find out with our 1-minute questionnaire:


Based on your answers we will give you a free quote and what needs to be done in order to have proper internal vulnerability scanning conducted.

Based on your answers we will give you a free quote and what needs to be done in order to have proper internal vulnerability scanning conducted.

TALK TO US

Seven Security Group executes internal vulnerability scans that meet both the internal and "scan-after-significant-change" PCI DSS requirement 11.2. Together with you, we will scope and schedule the quarterly scans.

We deploy methodology and tools and also have the staff that is qualified (as required by PCI DSS) to perform the scans.