Frequently Asked Questions

Do your scans meet the requirements for PCI compliance?

Yes. Our PCI scans are Approved Scanning Vendor (ASV) certified and approved. Included with every passing scan is certified documentation which you can present to your bank or merchant service provider when they require evidence of scanning for PCI compliance.

How long do scans generally take?

Scan duration depends on the responsiveness of you server. Some scans finish in close to an hour, while others take over four hours to complete. If your scan is taking over 12 hours to complete, please contact customer support.

Which IP Addresses Should I Scan?

Read our article on this here.

How often should I have my site scanned?

Regular scanning helps to alert you when vulnerabilities creep up, but scans performed too often can burden your server with unnecessary overhead and traffic. For most customers, we recommend that you perform on-demand scans as needed until you are able to resolve all of the serious vulnerabilities identified. Then schedule your site to be scanned once a month.

Will a PCI scan cause my server to go down?

Our scans are designed to be low impact and non intrusive. It is very unlikely that you will experience downtime as a result of the scan. You may, however, notice slightly reduced responsiveness from your server as the scan is run. Therefore, we recommend that you schedule your scans to run during your off hours.

How do I get my scan results?

You will be notified by email when your scan completes. To view your scan results, login to your ServerScan account. In your scan manager, go to the scan portal, then click on the “Compliance Reports” tab. From there, you can view and download your scan results and documentation.

How do I complete my Self-Assessment Questionnaire (SAQ)?

In the My Account section of Server Scan after you log in, all of the most recent SAQ forms are available for download.

Which Self-Assessment Questionnaire should I complete?

This depends on how you receive, transmit, and/or store credit card information. Please reference Step 4 of our PCI Compliance Scanning page for details.

Can I adjust the schedule of my scans?

Yes. To adjust your scan schedule, simply login to your ServerScan account, go to the scan portal, and click on “Scan Schedules” under “Manage Scans”. From there you can set a daily, weekly, monthly, or quarterly schedule for your scan. You can even specify which day of the week, or month you want the scan to run, and which time period of day to start each scan.

What other types of scans does PCI DSS require?

That is best answered here: Scanning Requirements Explained

How does your money-back guarantee work?

Our objective is to help you secure your servers and to help you pass the scanning requirement for PCI compliance. We confidently stand by this objective with a money-back guarantee. If you or your web developer are unable to obtain a passing PCI scan using the information provided in your scan results, we will refund your full purchase price. No questions asked.

Great! How do I get started?

First, Sign up for PCI scanning. Once you've purchased the PCI Scanning service for your fully qualified domain name (preferred) or IP address, we will configure your account and run your first scan. When your scan completes, you can login to your account to repeat the scan, schedule recurring scans, and download scan reports. It is that simple!