Text size Increase Font-SizeDecrease Font-SizeReset Font-Size

Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers.

Please note, the PCI Security Standards Council maintains a structured process for security solution providers to become Approved Scanning Vendors (ASVs), as well as to be re-approved each year.

Approval and re-approval indicate only that the applicable ASV has successfully met all PCI Security Standards Council requirements to perform PCI data security scanning, and the PCI Security Standards Council does not endorse these security solution providers or their business processes or practices.

Although the PCI Security Standards Council strives to ensure that the list of Approved Scanning Vendors linked to this page is current, the list is updated frequently and the PCI Security Standards Council cannot guarantee that the list is current at all times. Accordingly, each time a client engages an ASV, the client is advised to check this list on a regular basis to ensure that its ASV has successfully maintained its status as an Approved Scanning Vendor.

Search by Company Name, Product Name, Place of Business and Locations served.
Results: 109
Page: 1 2 3 4 5 6

Company Place
of Business
Product Name Email Contact Locations Served Certificate
ASV Employees
Nettitude Ltd. United Kingdom Nettitude ASV Scanning Solution (2015)
Global 4251-01-08
Nixu Corporation
**In Remediation**
Finland Nixu Watson
Northern Europe (Nordic and Baltic countries) Middle East 3955-01-10
NRI Secure Technologies Japan PCI DSS Scanning Service
Global 5007-01-07
nSense ApS Denmark nSense Karhu
Scandinavia 3889-01-10
NTA Monitor Limited United Kingdom PCI Compliance Assessment 2015
UK, Europe, Middle East, Asia Pacific (including India), Australia, Malaysia, Global 4183-01-09
NTT Com Security (UK) Ltd. United Kingdom NTT Com Security ASV Security Scan 2015
Global 4001-01-10
NTT Data Intellilink Corporation Japan PCI DSS Scanning Service -NinjaSCAN-
Japan 3731-01-10
Odyssey Consultants Limited Cyprus ITHACA Labs PCI Scanning Service
Worldwide 5062-01-02
Optiv Security Inc. United States PCI On-Demand ASV Scans
Global 3755-01-09
Optiv Security Inc. United States Optiv PCI ASV Scanning Portal
Global 4190-01-10
Outpost24 AB Sweden OUTSCAN PCI
Global 4047-01-10
Paladion Networks Private LTD United States PCI ASV Scan Solution Validation 2015
sales@paladion.net, plynt@plynt.com
Global 5004-01-07
Payment Software Company (PSC) United States PSC Security Scanning Service
Global 3805-01-10
Portcullis Computer Security Limited United Kingdom PCI Compliance Services
Global 4074-01-10
ProCheckUp Ltd United Kingdom ProCheckUp ASV
Global 3748-01-09
Protiviti United States Protiviti ASV 2016
Global 3795-01-10
Qualys United States QualysGuard PCI
Global 3728-01-10
Rapid7 LLC United States Perimeter Scanning Service
Global 3906-01-17
RSI Systems Inc. United States RSI ASV
Min Oh
Global 5070-01-01
S21SEC Gestion, S.A. Spain PCI Renovation 2015
Global 3896-01-10
Results: 109
Page: 1 2 3 4 5 6
* 'In Remediation' status indicates a determination by the Council, after an Approved Scanning Vendor organization has violated applicable ASV Qualification Requirements. This status may result from failure to comply with any number of applicable ASV Qualification Requirements. ASVs are notified when remediation is required, and ASVs listed as "In Remediation" may be actively seeking to remedy this status. For more about remediation please review the Remediation section of the Qualification Requirements for Approved Scanning Vendors.

For information about the status of a particular ASV, please contact that ASV.

Back to Top

The PCI Security Standards Council (the "Council") provides a variety of tools, questionnaires, guidance, FAQs, training resources and other materials and information to assist organizations seeking to achieve compliance with its standards (the "Standards"). Third party products and services are also available, but the Council does not endorse or recommend any such third party products or services, and advises all organizations seeking to achieve compliance to become familiar with the Standards and related requirements before purchasing third party products or services. Ultimately, all applicable requirements must be met in order to achieve compliance, regardless of whether or what third party products or services are used.