πΌ 11.3.2 External vulnerability scans are performed.
-
Contextual name: πΌ 11.3.2 External vulnerability scans are performed.
-
ID:
/frameworks/pci-dss-v4.0/11/03/02 -
Located in: πΌ 11.3 External and internal vulnerabilities are regularly identified, prioritized, and addressed.
Descriptionβ
As follows:
- At least once every three months.
- By a PCI SSC Approved Scanning Vendor (ASV).
- Vulnerabilities are resolved and ASV Program Guide requirements for a passing scan are met.
- Rescans are performed as needed to confirm that vulnerabilities are resolved per the ASV Program Guide requirements for a passing scan.
Similarβ
- Sections
/frameworks/pci-dss-v3.2.1/11/02/02/frameworks/pci-dss-v4.0.1/11/03/02
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 11.2.2 Perform quarterly external vulnerability scans, via an Approved Scanning Vendor (ASV) approved by the Payment Card Industry Security Standards Council (PCI SSC). | ||||
| πΌ PCI DSS v4.0.1 β πΌ 11.3.2 External vulnerability scans are performed. | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 11.2.2 Perform quarterly external vulnerability scans, via an Approved Scanning Vendor (ASV) approved by the Payment Card Industry Security Standards Council (PCI SSC). | ||||
| πΌ PCI DSS v4.0.1 β πΌ 11.3.2 External vulnerability scans are performed. | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ 11.3.2.1 External vulnerability scans are performed after any significant change. |