Share PCI Scan
Click here to view navigation pane

Share PCI Scan

This workflow allows you to share the results from a PCI external scan launched in the VM application with the PCI service.

Get Started

Before you begin - Activate the PCI compliance serviceBefore you begin - Activate the PCI compliance service

Select PCI from the application picker. You'll be prompted to activate the PCI compliance service. Click the Activate Now button. A new PCI Merchant account will be created for you and linked automatically to your VM account. Optionally, go to VM/VMDR > Scans > Setup > PCI Account Links to see your previously linked PCI accounts or to add new accounts.

Step 1: Select a scanStep 1: Select a scan

Go to VM/VMDR > Scans and select a PCI external scan in the scans list.

How can I identify a PCI external scan?How can I identify a PCI external scan?

A PCI external scan is a VM scan run with any PCI option profile, such as the "Payment Card Industry (PCI) Options". You can search for scans with this profile title.

Note when sharing is in progressNote when sharing is in progress

It's not possible for you to share a PCI scan with a PCI account if scan sharing to that account is in progress (when sharing is in progress, you'll see the share status is "Queued" or "In Progress").

Step 2: Select the Share optionStep 2: Select the Share option

Click the "Share with PCI" link in the scan preview pane. Identify the PCI Merchant account you want to share this scan with and click Share.

Step 3: Log in to PCIStep 3: Log in to PCI

Click the Launch button next to a PCI account to log into the PCI service. Once logged in, you will see the PCI scan on the Scan Results list (in Network > Scan Results).

Tell me about scan statusTell me about scan status

The scan status will be "Importing" while scan sharing is in progress (scan is being imported into your PCI account) and "Finished" when the scan has been imported successfully.

What if the scanned IPs are not in my PCI account?What if the scanned IPs are not in my PCI account?

Any scanned IPs not already in your account will be added (in Assets > IP Assets).

View scan reports in PCIView scan reports in PCI 

In PCI, view the scan results shared by VM on the Scans page (Network > Scan Results). The Scan Type column indicates whether it is an IP or DNS scan result. You can download the scan results in PDF format.

- If FQDNs are added as target hosts, scan results are available as DNS scans.

- If IP addresses are added as target hosts, scan results are available as IP scans. 

- If FQDNs and IP addresses are added as target hosts, scan results are available as IP scans.       

What do I do next for PCI certification?What do I do next for PCI certification?

In PCI, view the scan results by going to the Compliance Status page (Compliance > Compliance Status) and generate a PCI network report and take required actions for PCI certification: 1) submit the report to your ASV for approval, and 2) once approved, submit the report to your acquiring banks.