usd AG Re-Accredited Worldwide as an Approved Scanning Vendor (ASV)

23. August 2024

On 20.08.2024, we once again received worldwide accreditation as an Approved Scanning Vendor (ASV) for the scanning services of our usd PCI Platform by the PCI Security Standards Council (PCI SSC). This makes us one of two accredited ASV companies in Germany.

More companies obligated to carry out ASV scans than before

Companies that process, store or transmit credit card data must have their affected IT systems scanned for vulnerabilities on a quarterly basis as part of their PCI DSS certification. These scans may only be carried out by an ASV that has been tested and accredited by the PCI SSC and is on the official list of Approved Scanning Vendors. Since PCI DSS v4.0 came into force, significantly more companies are obliged to perform ASV scans than before. You can find more information on the scanning obligation in our help section.

Accreditation takes place annually

All ASV organizations must undergo annual re-accreditation with the PCI SSC. These providers must meet or even exceed the requirements of the Qualification Requirements for Approved Scanning Vendors. The review is based on a structured, transparent process and requires, among other things, participation in the necessary training sessions, an examination of the ASV employees and, above all, a successful test result in the PCI SSC's ASV Lab Scan Test.

Rigorous test procedure

The PCI SSC's review of the scanning solution does not only look at processes and organizations. Our usd PCI DSS Platform was extensively tested as part of a realistic simulation of a vulnerability analysis. Our scanning solution had to identify and report all technical vulnerabilities in simulated network environments with vulnerable hosts and network devices within one day.

“We have now been continuously accredited as an ASV for almost 20 years. Nevertheless, we are just as excited about every re-accreditation as we were the first time, because the high technical requirements of the PCI SSC increase from year to year in order to keep pace with the rapid development of cyber threats. The test result from the ASV Validation Lab is the best confirmation for our clients that they are getting a reliable ASV scanning solution from us. We are also pleased with the continuous development of our platform to keep the entire review process as quick and easy as possible for our clients.”

Sebastian Düringer, Managing Security Consultant usd HeroLab,
responsible for scanning services at usd AG

Also interesting:

DORA Countdown: One Month Left Until the Deadline

DORA Countdown: One Month Left Until the Deadline

DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. We have summarized everything you need to know about the EU regulation, preparation and best practices from our news blog.

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

Sunset of PCI DSS v4.0 on 31 December 2024: Get Ready!

PCI DSS v4.0: In March 2024, version 4.0 of the Payment Card Industry Data Security Standard became mandatory after a two-year transition phase. Just a few months later, version 4.0.1 was released as a minor update of the standard, which will become mandatory on...

Top 3 Vulnerabilities in SSO Pentests

Top 3 Vulnerabilities in SSO Pentests

During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to corporate security. They increasingly encounter the same vulnerabilities. Our blog series "Top 3 Vulnerabilities" presents...

Categories

Categories