PCI DSS Scanning in Acunetix 360

Acunetix 360 users can conduct Payment Card Industry (PCI) Scans to receive approved PCI compliance reports for their public websites.

PCI Scans are only available for Acunetix 360 On-Demand users and for websites whose Agent Mode is set to Cloud.

Running a PCI DSS Scan in Acunetix 360

When configuring a New Scan, you can enable Create PCI Scan to ensure that a PCI Scan is conducted in addition to your Acunetix 360 scan. This additional PCI Scan is related, but not identical, to your Acunetix 360 Scan. Scan Options configured in Acunetix 360 do not affect the PCI Scan and the two scans work independently of each other.

How to Run a PCI DSS Scan in Acunetix 360
  1. In the New Scan window, while configuring the Scan Options, click the PCI Scan tab.
  2. Enable the Create PCI Scan checkbox.
  3. Configure the remaining settings as required.
  4. Click Launch.
How to Run a PCI Group Scan in Acunetix 360
  1. In the New Website Group Scan window, while configuring the Scan Options, enable the Create PCI Scan checkbox.
  2. Configure the remaining settings as required.
  3. Click Launch.

PCI DSS Scan Status Management in Acunetix 360

Management of the PCI Scan's status is related to your Acunetix 360 scan:

  • If you click Pause on your ongoing Acunetix 360 scan, then the PCI Scan will also pause.
  • If you click Cancel on your Acunetix 360 scan, then the PCI Scan will also cancel.

Sometimes, your Acunetix 360 scan might finish before your PCI Scan is completed. If this is the case, you can manage your PCI Scan state in your Scan Report detail UI. It will give you the option to Stop the PCI Scan.

Your Scan Report UI will provide you with information on whether your PCI Scan is running, how far it has progressed, and what number and level of issues it has detected so far. If you stop your PCI Scan, your Scan Report UI will inform you of this, and provide you with the options to Resume or Delete this scan.

Viewing PCI DSS Scan Results in Acunetix 360

When your PCI Scan is complete, you will be able to view the Compliance result in the Report page. If your Compliance has passed, then you will be able to Export your scan result reports. This PCI Compliance report can come in three formats.

This table lists and explains PCI Scan Results Reports.

| PCI Scan Results Report | Description |
|---|---|
| Attestation Report | This is the results report. It contains the compliance result. |
| Detailed Report | This report contains detailed information about the IP addresses you've scanned and should not be shared with third parties. |
| Executive Report | This report defines whether or not your environment meets the ASV scanning guidelines set by the PCI security council. |

How to View the PCI DSS Scan Report in Acunetix 360
  1. Click Scans, then Recent Scans.
  2. In the Recent Scans window, click Report for the PCI Scan you want to view. The Scan Summary is displayed.
  3. From the Scan Summary, you can view PCI Scan results and Export a PCI Scan Report.
  4. If your scan fails, you must fix your vulnerabilities first. Once you have resolved these issues, create a new scan.

 
