PCI Compliance Approved Scanning Vendor Services

Organizations seeking PCI compliance are required to have compliant PCI ASV scans performed quarterly.

Organizations that handle credit card data need to maintain Payment Card Industry (PCI) compliance, and part of this effort is the regular quarterly performance of vulnerability scans by an Approved Scanning Vendor (ASV). Organizations can use this information to address issues within their environment, ensuring a stronger security posture while maintaining their compliance.

PCI ASV vulnerability assessments bring an organization’s knowledge of its vulnerabilities from unknown to known. Without knowing what vulnerabilities are present, it is impossible to remediate or mitigate them. RSM is a certified PCI ASV with staff certified to generate passing network reports, send approved network reports and Self-Assessment Questionnaires to the organization's acquiring bank.

As a certified PCI ASV, RSM performs in-depth scans on the external-facing PCI DSS assets of your organization, then provides an actionable list of vulnerabilities to remediate. ASV vulnerability assessments identify known network, operating system, web application and server exploits and vulnerabilities with the use of automated tools in accordance with PCI DSS requirements The vulnerabilities that must be remediated to receive passing PCI ASV assessments are clearly identified and based on the Common Vulnerability Scoring System Version 2.0 calculation metrics required for PCI ASV vulnerabilities.

RSM provides full service scans and offers a PCI ASV scanning portal. The PCI ASV scanning portal provides access to a secure automated portal where organizations can easily review scan results and recommendations for vulnerabilities, and generate and submit network reports for attestation.

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.


Complete our Cybersecurity Rapid Assessment form to be contacted about receiving our "quick-hit" evaluation of your organization’s overall security risk.

Learn more