Page 1 of 4 - CispScan Brochure
PCI Scanning Service
Requirement Overview
The Payment Card Industry (PCI) Program provides a comprehensive approach to
evaluating and improving network data security. The program provides acquiring
members with the ability to deploy security compliance programs, ensuring that
merchants, Member Service Providers, and data security vendors are adequately
protected against hacker intrusions and account data compromises.
Merchants categorized by PCI as Level 1, 2, or 3 are affected by this regulation.
These merchants are required to perform quarterly network security scans on their
external facing networks. Additionally, affected merchants have to demonstrate
compliance with their acquiring banks by filing a report from an approved scanning
vendor to prove that their infrastructure is secure and is 100% free of any critical
vulnerabilities (i.e. Vulnerabilities with a severity level of 3 or higher).
For more details on merchant levels and the corresponding requirements, please visit:
https://sdp.mastercardintl.com
Solution Overview
TeamInfoSec is a leading international information security consultancy firm based in
London and Dublin.
We have developed this online PCI scanning solution known as CispScan.
This solution has been tested and approved by MasterCard International (Cert
#4087-01-02).
Our service brings the speed, accuracy and cost-effectiveness of the software-as-a-
service model to solve this requirement.
Page 2 of 4 - CispScan Brochure
How does it work?
Simply enter the details of your relevant publicly facing IP addresses and we will
scan the associated devices with the relevant criteria and create the required report.
The report includes:
Executive Summary
Format Accepted by Banks (approved by MasterCard)
List of vulnerabilities
Information on how to fix any vulnerabilities found
PCI Assessment status (Pass or Fail)
Certification logo and entry into verification registrar for successful clients
PCI Certification
Successful clients that pass the analysis, wil