Vulnerability Scans. A vulnerability scan (“Scan”) is necessary for PC, IP enabled terminal, or integrated ECR merchants (SAQ A-EP, SAQ B-IP, SAQ C or SAQ D Merchants). Here are the steps to receive Merchant’s Scan: 1. Once Merchant has completed Merchant’s SAQ, the system will guide Merchant to schedule Merchant’s Scan, if applicable. 2. The Scan will identify vulnerabilities or gaps that may allow unauthorized or malicious users to gain access to Merchant’s network and potentially compromise cardholder data. The Scan does not require Merchant to install any software, and no denial-of-service attacks will be performed. 3. Upon completion of the Scan, Merchant will receive a link to Merchant’s full compliance report. If Merchant fails network vulnerability review, this means that the Scan discovered areas of severe vulnerability. The TrustKeeper report describes the issues found and provides Merchant with recommendations for scan resources to begin fixing the problems. The tool will guide Merchant to remediate the failed Scan and work toward achieving compliance. Once Merchant has addressed the vulnerabilities, simply schedule a follow-up Scan to ensure Merchant’s remediation of the problem meets the PCI DSS requirements.
Appears in 3 contracts
Samples: Merchant Processing Agreement, Merchant Processing Agreement, Merchant Processing Agreement
Vulnerability Scans. A vulnerability scan (“Scan”) is necessary for PC, IP enabled terminal, or integrated ECR merchants (SAQ A-EP, SAQ B-IP, SAQ C or SAQ D Merchants). Here are the steps to receive Merchant’s Scan:
1. Once Merchant has completed Merchant’s SAQ, the system will guide Merchant to schedule Merchant’s Scan, if applicable.
2. The Scan will identify vulnerabilities or gaps that may allow unauthorized or malicious users to gain access to Merchant’s network and potentially compromise cardholder data. The Scan does not require Merchant to install any software, and no denial-of-service attacks will be performed.
3. Upon completion of the Scan, Merchant will receive a link to Merchant’s full compliance report. If Merchant fails network vulnerability review, this means that the Scan discovered areas of severe vulnerability. The TrustKeeper report describes the issues found and provides Merchant with recommendations for scan resources to begin fixing the problems. The tool will guide Merchant to remediate the failed Scan and work toward achieving compliance. Once Merchant has addressed the vulnerabilities, simply schedule a follow-up Scan to ensure MerchantXxxxxxxx’s remediation of the problem meets the PCI DSS requirements.
Appears in 1 contract
Samples: Merchant Processing Agreement