CoalfireOne℠ Scanning Solutions are a safe and integral part of proving and maintaining compliance-without disrupting network operations. Delivered as part of the CoalfireOne platform, our internal and external self-service vulnerability scans can help you:
- Identify potential vulnerabilities both inside and outside of your network and applications.
- Search networks and applications for breaches that could result in identify theft, credit card fraud, spam, malware, and more.
- Quickly and easily comply with industry specific requirements for compliance.
Internal Scanning Solutions
Our proprietary internal scanning appliance, Lighthouse, identifies your internal network’s vulnerabilities and assists in making your internal data environment secure. We help you determine your scope and can provide on-premises or virtual Lighthouse scanning solutions.
Lighthouse Core – Onsite scanning for single merchants and small-medium businesses (SMBs).
Lighthouse Enterprise – Onsite scanning tools developed to meet the special needs of the enterprise, including scans at multiple locations.
Lighthouse Virtual – Private and public cloud-based scanning for organizations of any size.
External Scanning Solutions
All entities, including merchants, service providers, and financial institutions must complete a quarterly scan to remain compliant with PCI DSS standards. Coalfire is a PCI Security Standards Council Approved Scanning Vendor (ASV), and can validate adherence to the external scanning requirement of the PCI DSS 11.2. Our scanning solutions include:
Scan Universal – By scanning for all vulnerabilities, Scan Universal helps organizations adhere to global financial, government, industry, and healthcare mandates while helping protect their businesses from security breaches and data theft.
Scan ASV – Our Scan ASV solution helps organizations that are required to use an ASV for their PCI scans. ASV-certified since its inception in 2001, Coalfire has a remediation-free track record.
The CoalfireOne Services Group – Dedicated Support for your Compliance and Risk Objectives
The CoalfireOne Services Group helps you understand compliance and what you can do to manage risk. Our CoalfireOne scanning services team members are certified ASVs, here to assist you as you navigate the various PCI SSC scanning requirements. Additionally, we can help you address the identified vulnerabilities in need of remediation, but also to provide support on any PCI SSC inquiries. Whether you need assistance determining scope or you have scanning questions, the CoalfireOne scanning services team is here for you.
Scans Notification - May 9, 2019
Scans Newsletter - April 1, 2019
Scans Notification - March 19, 2019
Scans Notification - March 7, 2019
Scans Notification - February 14, 2019
Scans Newsletter - January 10, 2019
Scans Newsletter - October 4, 2018
Scans Newsletter - April 3, 2018
Scans Newsletter - January 10, 2018
Scans Newsletter - October 2, 2017
Scans Newsletter - July 11, 2017
Scans Notification - June 14, 2017
Scans Newsletter - April 4, 2017
Scans Newsletter - January 10, 2017
Scans Newsletter - October 21, 2016
Scans Newsletter - August 8, 2016
Scans Newsletter - April 18, 2016
April 03, 2019, Beck Larson, Director, Coalfire Labs
As you may be aware by now (considering previous blog posts, ongoing walk-through webinars, and our press release), we released Coalfire’s brand new vulnerability scanning platform, CoalfireOne Scans, this morning. All of us here at the CoalfireOne Scanning Services Team are truly excited to see its many improvements around overall user experience, particularly the significantly reduced time spent on dispute cycles and the ability to create custom reporting. The new platform, which provides our PCI Approved Scanning Vendor (ASV) service featuring internal and external scans while enabling easy collaboration and project management, will provide users with smooth navigation, a robust database to ensure fast processing speeds, and scalable IP scanning capabilities. Read more
March 14, 2019, Travis Finn, Consultant, CoalfireOne Scanning Services
Part of the glamorous life of an ASV involves a rigorous Quality Assurance program to ensure that we are the best ASV's we can possibly be. Some of those efforts are not as readily apparent to our clients as others; but on some occasions, we like to share when our work directly benefits those who trust Coalfire to help reduce their risk and simplify compliance. Read more
February 22, 2019, Marco Brown, Associate, CoalfireOne Scanning Services
Gathering evidence, applying patches, and configuring your systems in preparation for submitting your vulnerability disputes can be a nerve-wracking and daunting task. To better enhance your understanding of the Approved Scanning Vendor (ASV) process, I’ve outlined some coping mechanisms and tools to use. Read more
January 18, 2019, James Cox, Support Analyst, CoalfireOne Scanning Services, Coalfire
Scan interference is best defined as when traffic from our scanners gets blocked, filtered, dropped, or modified in response to some sort of active protection system not recognizing our traffic. Once our scanners are flagged as an intruder, the client’s environment is no longer accessible, which causes the scan to fail. In order to ensure that reliable scans can be conducted, our scanners must be allowed to perform scanning without this interruption.. Read more
January 08, 2019, Erica Woods, Associate, Commercial Services, Vulnerability Assessments and Scanning, Coalfire
PCI-DSS can be challenging to navigate – particularly when it comes to the ASV scanning requirements. While fulfilling the scanning requirement is easy, obtaining a passing attestation report may involve more than simply remediating failed findings. One requirement that we receive many questions about is Special Notes. Read more
February 02, 2017, Rebecca Larson, ScanDesk Director, Coalfire
In the compliance realm, the term “quarterly” seems to be a sound and straight-forward term used to provide guidance and to aid entities in adhering to requirements. However, it’s meaning can vary based on its context in relation to dealing with various compliance requirements from your ASV and QSA. Read more