Text size Increase Font-SizeDecrease Font-SizeReset Font-Size

Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers.

Please note, the PCI Security Standards Council maintains a structured process for security solution providers to become Approved Scanning Vendors (ASVs), as well as to be re-approved each year.

Approval and re-approval indicate only that the applicable ASV has successfully met all PCI Security Standards Council requirements to perform PCI data security scanning, and the PCI Security Standards Council does not endorse these security solution providers or their business processes or practices.

Although the PCI Security Standards Council strives to ensure that the list of Approved Scanning Vendors linked to this page is current, the list is updated frequently and the PCI Security Standards Council cannot guarantee that the list is current at all times. Accordingly, each time a client engages an ASV, the client is advised to check this list on a regular basis to ensure that its ASV has successfully maintained its status as an Approved Scanning Vendor.

Search by Company Name, Product Name, Place of Business and Locations served.
Results: 107
Page: 1 2 3 4 5 6

Company Place
of Business
Product Name Email Contact Locations Served Certificate
ASV Employees
Clone Systems, Inc. United States Active-Now Clone Guard PCI
USA 4262-01-08
Coalfire Systems, Inc United States Coalfire RapidScan
Global 3782-01-10
Cognosec GmbH Austria PCI Scan 360
Worldwide 5059-01-03
Comodo CA Ltd United Kingdom HackerGuardian PCI Scanning Service
Global 4172-01-09
Context Information Security Ltd United Kingdom Context IS ASV Scan and Test 2015-16
UK, Germany, Australia 4217-01-08
Control Case United States ControlCase GRC
Global 4250-01-08
ControlScan United States PCI 1-2-3
Global 5045-01-05
Core Security Technologies United States PCI Scanning Compliance Testing - 2015
Global 3899-01-10
Critical Watch United States FusionPCI/ez
Global 3871-01-10
CryptoNet Srl Italy CryptoNet PCI 2016
Italy, Europe, Middle East , Africa 5023-01-06
Cybercom Group Sweden Cybercom PCI DSS Netscan
Europe, Middle East 3989-01-10
Deloitte LLP Canada Deloitte Scanning Solution - 2015
Global 4224-01-08
Digicure Denmark IPCURE PCI
Global 4263-01-08
Digital Defense Inc United States NIRV Scanner
Global 3763-01-10
Emaze Networks Italy ipLegion - ISM Product Suite
Italy, Italy/Europe, Europe, Oman, Qatar, U.A.E., Kuwait, Bahrain, Saudi Arabia, Turkey, Switzerland, Middle East, Spain, Greece, Slovenia, Latin America, South America, Asia 5034-01-05
Experis Finance US LLC United States Payment card Compliance Services
Global 3848-01-09
Fujitsu Limited Japan PCI DSS ASV Scanning Service
Japan 5027-01-05
GMV Soluciones Globales Internet, S.A.U. Spain PCI DSS Compliance Scan (2015)
Global 5021-01-06
Handshake Networking Ltd. Hong Kong and Macau PCI ASV Vulnerability Scanning
Global 3862-01-09
HCL Comnet Systems and Services Limited India HCL PCI ASV Requalification 2015-16
Global 3987-01-09
Results: 107
Page: 1 2 3 4 5 6
* 'In Remediation' status indicates a determination by the Council, after an Approved Scanning Vendor organization has violated applicable ASV Qualification Requirements. This status may result from failure to comply with any number of applicable ASV Qualification Requirements. ASVs are notified when remediation is required, and ASVs listed as "In Remediation" may be actively seeking to remedy this status. For more about remediation please review the Remediation section of the Qualification Requirements for Approved Scanning Vendors.

For information about the status of a particular ASV, please contact that ASV.

Back to Top

The PCI Security Standards Council (the "Council") provides a variety of tools, questionnaires, guidance, FAQs, training resources and other materials and information to assist organizations seeking to achieve compliance with its standards (the "Standards"). Third party products and services are also available, but the Council does not endorse or recommend any such third party products or services, and advises all organizations seeking to achieve compliance to become familiar with the Standards and related requirements before purchasing third party products or services. Ultimately, all applicable requirements must be met in order to achieve compliance, regardless of whether or what third party products or services are used.