Approved Scanning Vendor

Service Overview

PCI SSC Approved Scanning Vendor (ASV)

In order to be PCI-DSS compliant, your organization must adhere to requirement 11.2: “Run internal and external network vulnerability scans at least quarterly and after any significant change in the network. Quarterly external scans must be performed by an Approved Scanning Vendor (ASV).”

As a qualified ASV (approved by the PCI Security Standards Council), our goal is to assist merchants and service providers in becoming—and staying—PCI DSS compliant.

Our Approach

We use comprehensive network scans to identify vulnerabilities in your organization’s environment and provide remediation assistance and recommendations to help you achieve your quarterly Attestation of Scanning Compliance. With thousands of approved scans under our belts, nobody is better qualified to help your organization through all aspects of PCI-DSS compliance.

Key Benefits:

Approved Scanning Vendor

PCI SSC approved scanning vendor

Powerful scanning processes and tools

Uncover all vulnerabilities in your environment

Expert remediation advice and guidance

Minimize Risk and Ensure Compliance With Our PCI SSC Approved Scanning Service

Levels 1 through 4 Merchants and Service Providers are required to perform external vulnerability scanning on a quarterly basis. Our scanning process perfectly matches the requirements of PCI-DSS.

External Facing IPs

A MegaplanIT security consultant will begin by identifying all external facing IPs that are in scope for vulnerability scanning.

Scheduled Scans

Our consultant will coordinate with your team to schedule scanning activities. Your productivity is a priority, which is why we make sure our assessments never interfere with your organization’s workflow.

External ASV Scans

Once the external ASV scans are complete, the MegaplanIT consultant will review scan results internally to ensure accuracy. If any vulnerability exists, the MegaplanIT consultant will offer customized remediation consulting and perform retesting (if necessary).

Attestation of Scanning

Once your organization has passed the ASV scan, MegaplanIT will issue an Attestation of Scanning for submission to acquirers, processors, gateways, and other PCI stakeholders. We also provide detailed Technical Reports, including an Executive Summary, for your information and records.

MegaplanIT prides itself on establishing top certifications including:


Global Information Assurance - GPEN Certification

Global Industrial Cyber Security Professional

Certified Level 1 PCI DSS Service Provider

What Our Customers Say


Make Our Team, Your Team!

Our innovative IT security and compliance solutions are designed to deliver customized, cost-effective service on time—because your priorities are our priorities. With a highly qualified team of PCI-DSS QSAs, Penetration Testers, and Information Security Consultants here at MegaplanIT, we will assess your unique company and business environment and design a path to security that will fit all of your needs.