PCI ASV (Approved Scanning Vendor)

With the recent breaches and public disclosures in the media, the cyber threat in Australia is real. The Reserve Bank, the Bureau of Statistics and the Australian Secret Intelligence Organisation have all recently been reported to be victims of cyber-attacks. Private and publicly listed companies are not spared with breaches recently suffered by our leading resource companies Rio Tinto and BHP to name a few.

Cyber-attacks and cyber-crime are aimed at our governments, our critical infrastructure, local and global businesses and individuals alike. While the attacks continue to increasingly occur, the result and the impact for businesses and government is the same - an erosion of trust, reputation and financial loss. 

For those organisation who process and store credit card data a quarterly external vulnerability scan must be performed on external networks and must be performed by a PCI SSC Approved Scanning Vendor (ASV). 

The following testing procedures are recommended by PCI SSC:

  1. Review output from the four most recent quarters of external vulnerability scans and verify that four quarterly external vulnerability scans occurred in the most recent 12-month period
  2. Review the results of each quarterly scan and rescan to verify that the ASV Program Guide requirements for a passing scan have been met (for example, no vulnerabilities rated 4.0 or higher by the CVSS, and no automatic failures).

Dragonfly, together with Outpost24 offer bespoke IT security services to medium and large organisations that are designed to protect, enable innovation by reducing risk, reduce complexity and cost. 

Customers from a range of industries, including government, banking and finance, health care and entertainment, rely on Dragonfly to obtain a long-term competitive advantage that comes from the tight alignment of technology with business needs.


DrivePCI is dedicated to providing you with the best experience in PCI DSS services

DrivePCI is a new strategic alliance between Indusface and Dragonfly to offer a global community based approach to PCI DSS and PCI ASV services.

The alliance will drive PCI collaboration in the Asia-Pacific region to help organisations identify PCI DSS gaps, remediation planning and remediation services.

Through the DrivePCI alliance, businesses can subscribe to continuous PCI ASV scanning and penetration testing services backed by leading and Gartner recognised cybersecurity firms.