Common use of Vulnerability Scans Clause in Contracts

Vulnerability Scans. A vulnerability scan (“Scan”) is necessary for PC, IP enabled terminal, or integrated ECR merchants (SAQ A-EP, SAQ B-IP, SAQ C or SAQ D Merchants). Here are the steps to receive Merchant’s Scan: 1. Once Merchant has completed Merchant’s SAQ, the system will guide Merchant to schedule Merchant’s Scan, if applicable. 2. The Scan will identify vulnerabilities or gaps that may allow unauthorized or malicious users to gain access to Merchant’s network and potentially compromise cardholder data. The Scan does not require Merchant to install any software, and no denial-of-service attacks will be performed. 3. Upon completion of the Scan, Merchant will receive a link to Merchant’s full compliance report. If Merchant fails network vulnerability review, this means that the Scan discovered areas of severe vulnerability. The TrustKeeper report describes the issues found and provides Merchant with recommendations for scan resources to begin fixing the problems. The tool will guide Merchant to remediate the failed Scan and work toward achieving compliance. Once Merchant has addressed the vulnerabilities, simply schedule a follow-up Scan to ensure Merchant’s remediation of the problem meets the PCI DSS requirements.

Appears in 3 contracts

Samples: Merchant Processing Agreement, Merchant Processing Agreement, Merchant Processing Agreement

AutoNDA by SimpleDocs

Vulnerability Scans. A vulnerability scan (“Scan”) is necessary for PC, IP enabled terminal, or integrated ECR merchants (SAQ A-EP, SAQ B-IP, SAQ C or SAQ D Merchants). Here are the steps to receive Merchant’s Scan: 1. Once Merchant has completed Merchant’s SAQ, the system will guide Merchant to schedule Merchant’s Scan, if applicable. 2. The Scan will identify vulnerabilities or gaps that may allow unauthorized or malicious users to gain access to Merchant’s network and potentially compromise cardholder data. The Scan does not require Merchant to install any software, and no denial-of-service attacks will be performed. 3. Upon completion of the Scan, Merchant will receive a link to Merchant’s full compliance report. If Merchant fails network vulnerability review, this means that the Scan discovered areas of severe vulnerability. The TrustKeeper report describes the issues found and provides Merchant with recommendations for scan resources to begin fixing the problems. The tool will guide Merchant to remediate the failed Scan and work toward achieving compliance. Once Merchant has addressed the vulnerabilities, simply schedule a follow-up Scan to ensure MerchantXxxxxxxx’s remediation of the problem meets the PCI DSS requirements.

Appears in 1 contract

Samples: Merchant Processing Agreement

AutoNDA by SimpleDocs
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!