In addition to an annual RoC and penetration testing, Level 1 merchants and service providers must undergo quarterly network scans to get and stay PCI compliant. Below is a list of trusted approved scanning vendors (ASVs).
360 Advanced
The 360 Advanced team can provide the required quarterly external vulnerability scans through a trusted third-party partner.
Clone Systems
Clone Systems provides PCI compliance scanning so you can comply with the standard and safeguard your customer data.
Moss Adams
As one of approximately a hundred ASVs worldwide, Moss Adams can perform the required quarterly vulnerability assessment scans on your internet-facing systems.
Prescient Assurance
Prescient Assurance can help you meet quarterly scanning and reporting requirements and help you identify and remediate vulnerabilities as an ASV.
SOOS
SOOS delivers a full accounting of software licenses and vulnerabilities into the Secureframe platform, enabling a swifter, more efficient path to PCI compliance.
Invicti
Invicti is a web application security solution that can be used to conduct PCI DSS Scans to receive approved PCI DSS compliance reports for your public website.
