PCI Requirement 11.2.3 – Perform Internal and External Scans, and Rescans as Needed, After Any Significant Change
by Randy Bartels / June 5th, 2018
Significant Changes in Your Cardholder Data Environment PCI Requirement 11.2.3 requires that any time that you have made a significant change in your…
PCI Requirement 11.2.2 – Perform Quarterly External Vulnerability Scans via an Approved Scanning Vendor
by Randy Bartels / June 5th, 2018
What is an ASV? To comply with PCI Requirement 11.2.2, you must use a PCI SSC Approved Scanning Vendor (ASV). An ASV is…
PCI Requirement 11.2.1 – Perform Quarterly Internal Vulnerability Scans
by Randy Bartels / June 5th, 2018
Vulnerabilities and Your Risk Ranking System PCI Requirement 11.2.1 states, “Perform quarterly internal vulnerability scans. Address vulnerabilities and perform rescans to verify all…
PCI Requirement 11.2 – Run Internal and External Vulnerability Scans at Least Quarterly and After Any Significant Change in the Network
by Randy Bartels / June 5th, 2018
Running Network Vulnerability Scans PCI Requirement 11.2 requires that organizations run internal and external network vulnerability scans at least quarterly and also after…
PCI Requirement 11.1.2 – Implement Incident Response Procedures in the Event Unauthorized Wireless Access Points are Detected
by Randy Bartels / June 5th, 2018
Incident Response Procedures What would your organization do if an unauthorized wireless device was detected in your environment? PCI Requirement 11.1.2 requires that…