External Vulnerability Scan (Quarterly ASV Scan)

$129
(43 reviews) Write a Review

Product Overview 

SecurityMetrics External Vulnerability Scan is an Approved Scanning Vendor (ASV) scan that helps you with PCI compliance and stay ahead of cyber criminals. Our regularly updated scan engine identifies external network vulnerabilities so you can keep your data safe. Combining multiple powerful scan engines and utilizing the latest scan technology, the SecurityMetrics scan engines work to find business network and web application weaknesses that may allow backdoors, remote access, SQL injection and many other types of malicious attacks.

SecurityMetrics keeps its scan engines up to date with information provided by SecurityMetrics forensics investigators, penetration test analysts, and both PCI and HIPAA assessors. After conducting a scan at your organization, our support experts are available to assist you in the remediation process by providing recommendations to repair discovered vulnerabilities.

For PCI compliance, and depending on how you process credit cards, you may be required to conduct a scan and achieve a passing status.

This product is for adding a new scan to your account. If you have existing scans you need to renew, please call SecurityMetrics support: 801.705.5700.

What's the difference between External Vulnerability Scan and Perimeter Scan?

  • External Vulnerability Scan is an annual payment for a specific target (web domain or IP address). External Vulnerability Scan customers can change their target by calling SecurityMetrics support. Some customers do this for dynamic IPs (DHCP).
  • Perimeter scan is a pay-as-you-go scan, allowing you to purchase credits for any number of web domains or IP addresses. Perimeter scan allows you to add, edit, or delete targets at will. 
  • View attached product images to see differences in the interfaces.

Product Benefits

  • Run scans simply, without any extensive technical knowledge.
  • Simplify vulnerability reporting with access to an executive summary, attestation of compliance, and vulnerability reports.
  • Enjoy unlimited support from a 24/7 scan technician support team that provides vulnerability remediation steps.
  • Using vulnerability scanning allows you to complete up to 7% of your SAQ.

What's Included

  • Automated quarterly scanning
  • Unlimited rescans until passing
  • Vulnerability report
  • ASV reports for PCI compliance
  • Prioritization of vulnerability threats
  • 24/7 technical support
  • Online remediation recommendations
  • False positive submission

 

43 Reviews Hide Reviews Show Reviews

  • 4
    VA Scans

    Posted by Tammy on Jul 3rd 2019

    We find it easy to maintain.

  • 4
    VA Scans

    Posted by Ravi on Jul 3rd 2019

    Good

    You should allow users able to add new website for scan and go through add to cart button and process it quickly

    Now it is a big issue of getting live customer support representative online to add.

  • 5
    VA Scans

    Posted by Lzbeth on Jul 3rd 2019

    It's easy to manage.

  • 5
    VA Scans

    Posted by Kristi on Jul 3rd 2019

    Makes staying compliant easy.

  • 5
    VA Scans

    Posted by Anonymous on Jul 3rd 2019

    Very easy to use website. Found issues we were not aware of.

  • 5
    VA Scans

    Posted by Anonymous on Jul 3rd 2019

    Does everything we need it to for a good price.
    Most importantly the support team are excellent and the phone is always answered quickly.

  • 4
    VA Scans

    Posted by Anonymous on Jul 3rd 2019

    The scan has consistently shown any potential flaws in our systems, with clear details such as impact and resolution on any failures. To get 5 starts it would be good to be able to rescan just one particular failure rather than having to schedule a complete new scan.

  • 5
    VA Scans

    Posted by Anonymous on Jul 3rd 2019

    Very good product, I am happy with this and would definitely recommend

  • 4
    VA Scans

    Posted by Anonymous on Jul 3rd 2019

    It's good but there are a few settings I have to enable to ensure the scan can determine the hosting environment systems. I imagine this is to identify which specific tests to run. I don't like the idea of having to expose this information just for the tests.

    Also some of the feedback from failed tests could be less technical. I'm quite technical myself but some of the failed test information is very, very hard to interpret if you're not a web security specialist.

    Staff support via the phone is always excellent and can't be faulted."