Sign In
SecureState home
SecureState
Skip navigation links
About Us
Audit & Compliance
Profiling
e.Discovery
Risk Management
Government
Skip Navigation LinksSecureState > Profiling > Vulnerability & PCI Scans


Skip navigation links
Profiling
Profiling
Vulnerability & PCI Scans
StateScan
Internal Pen-Test
External Pen-Test
Web Application Security
Wireless Security
Physical Security
War Dialing
Architecture Review
Firewall & Router Ruleset Review
Interrogation & Configuration Review
Profiling Training
Contact Us
Careers
Clients By Industry
Competitive Landscape
Media Center
Free Tools
Events
FAQ
Blog

Vulnerability & PCI Scans 


As an Approved Scanning Vendor (ASV), SecureState can provide PCI Certified Scans and assist in your compliance efforts... Tools can't do that!

Vulnerability Scans identify known network, operation system and web server exploits/vulnerabilities.  With the use of an automated tool that identifies known exposures, a vulnerability scan is a good practice once per quarter. SecureState can offer two types of vulnerabilities scans, Basic scans and PCI Approved Scanning Vendor Scans.

 Why we're the best:

  • SecureState uses only the best commercial tools available, constantly tested by SecureState's consultants, to give you the best scanning service available 
  • SecureState will validate the results of all automated tests, removing false positives to give a “true” report of vulnerabilities
  • SecureState is an PCI Approved Scanning Vender (ASV), providing a formatted report that you can give to Visa/MasterCard 
  • SecureState’s scans will not contain/result in:
    • Denial of Service
    • Distributed Denial of Service
    • Buffer overflow
    • Brute Force attacking that results in password lockout

What we do:

1. Vulnerability Scans with Commercial Scanning Tools

SecureState is independent of all products; therefore you can be sure we are using only the best commercial scanning tools on the market.  Our consultants test these tools on a quarterly basis to ensure that we are truly using the best tools out there.

2. A web application Blackbox test (PCI Scan only searches for Cross-Site-Scripting and SQL Injection)

When encountering a web application, SecureState's consultants will run the top automated tools on the market against your web applications. 

3. Manual Validation of Findings

SecureState's consultants will manually test the vulnerabilities discovered during the scans to ensure that they vulnerabilities and not just false positives.  This gives you the most accurate report of your company's vulnerabilities

4. Retest of High Findings (30 Days)

Within 30 days of conducting the initial scans, SecureState will retest the HIGH risk vulnerabilities discovered to be sure that they have been mitigated properly.

What you get:

1. MyState Portal

For 60 days, you will have full access to SecureState's secure MyState portal.  This portal will provide up to the second findings, as well as mitigation support throughout your SecureState experience.

2. Final Report (Exec Summary / Walk Through)

Upon completion of the penetration tests, SecureState's consultants will meet your security and executive team to walk through our findings.  We will also present a detailed road map to fix any vulnerabilities found.

3. Matrix of Findings

4. Mitigation Assistance

SecureState's consultants will devote two hours of time to help your company mitigate the vulnerabilities found quickly and efficiently.

5. Formatted Report to External

We will format the report so it is ready to be submitted to Visa and/or MasterCard to demonstrate compliance.

For more information about Vulnerability Scans... Please contact a SecureState representative 800-903-6264



Ask us about SecureState Kids!

WARNING: SecureState has found that certain vulnerability scans are being targeted for attacks.  These are typically the scans that post you are "Hacker Safe" on your front page. (See video)

Scans also include:

  • Fingerprinting
  • Hardening
  • Platform Independence
  • Networking
  • Accuracy
  • False Positive Management
SecureState uses Qualys to scan the network layer for vulnerabilities.  SecureState takes it a step further to validate the results and remove false positives from the reporting.

 

 

 

 

 

 

 

 


 


Chat Live with SecureState

Website designed and developed by SecureState, © 2008 SecureState LLC. All rights reserved. | Privacy Policy | Report discrepancy