Easy & Affordable PCI Compliance
Achieving PCI compliance shouldn't be so hard. As as Approved Scanning Vendor, we here to help you achieve your compliance objectives.
100% US-Based Support • Starting at just $349 per year
Let us be your guide
The Halo Security platform helps organizations of all sizes achieve PCI compliance and much more.
-
Unlimited Scans
Scan daily, weekly, monthly, quarterly or on-demand. -
Remediation guidance & vulnerability verification
Our helpful team of US-based security engineers is here to guide you through remediation of vulnerabilities, verify issues, provide proof-of-concepts, and answer any questions you have. -
Easy-to-generate PCI reports
Easily draft, submit, and generate PCI reports from an Approved Scanning Vendor. -
Asset discovery
Continuously discover your internet-facing assets to ensure coverage of all in-scope assets. -
Quarterly security reviews
We’ll review your attack surface and address gaps and prioritize opportunities for improvement with you and your team.
"The support I think is one of the best parts of this product.
Security review are always really valuable, going through and looking at what some of the issues are, digging more into those, and talking about things we could do to resolve them. It's usually the same person every time as well. So they've got a history with our account. That's been super useful for us.”
Halo Security works hard to ensure they are doing everything they can to provide me with everything I need to have my site compliant and secure. Everyone I have worked with is friendly and knowledgeable."”
Built on top of the advanced
Halo Security platform.
Get straightforward remediation advice from experts ready to help.
- See details and clear remediation guidance on every issue that’s detected.
- Easily assign and track remediation progress.
- Connect with our US-based support team straight from your dashboard.
A trusted advisor since 2013.
A FEW OF OUR CUSTOMERS
.png?width=474&height=200&name=surveymonkey%20(1).png)
.png?width=432&height=200&name=dollar-tree%20(1).png)
.png?width=294&height=200&name=experian%20(1).png)
.png?width=234&height=200&name=mrsfields%20(1).png)
.png?width=281&height=200&name=penske%20(1).png)
FAQs
What is PCI ASV Scanning
PCI ASV (Approved Scanning Vendor) Scanning is a process conducted by a PCI Security Standards Council-approved vendor to perform external vulnerability scans. These scans help ensure that your organization adheres to the external scanning requirements of the PCI DSS (Payment Card Industry Data Security Standard) Requirement 11.2.2. The primary goal is to identify and address security vulnerabilities that could be exploited by attackers.
Do you support reporting for different business units?
Yes! If your company has multiple business units, you can easily generate separate reports in our user-friendly portal. This feature allows you to manage and analyze compliance data for each business unit independently, ensuring that each unit meets PCI DSS requirements.
Are you an Approved Scanning Vendor (ASV)?
Yes, TrustedSite, LLC d.b.a. Halo Security is a PCI Security Standards Council Approved Scanning Vendor. Our certificate number is 5078-01-09. ASVs conduct external vulnerability scanning services to validate adherence with the external scanning requirements of PCI DSS Requirement 11.2.2.
Do you support dynamic IP addresses
Yes. If your web host doesn't provide you with a static IP address, our scan can use hostnames instead. This ensures that even with dynamic IP addresses, your scanning can proceed without interruption, maintaining your compliance with PCI DSS requirements.
How often do I need to perform PCI ASV scans?
PCI DSS requires quarterly external vulnerability scans by an ASV. Additionally, scans should be performed after any significant changes to your network, such as new system installations, changes in network topology, firewall rule modifications, or product upgrades.
Is there a limit to the number of scans I can run?
No, there is no limit to the number of scans you can run within your subscription period. You can set scans to run daily, weekly, monthly, quarterly, or on-demand. This allows you to plan your compliance activities around your business operations, ensuring minimal disruption.
What types of vulnerabilities are detected by the scan?
Our scans detect a wide range of vulnerabilities, including but not limited to SQL injection, cross-site scripting (XSS), outdated software versions, and misconfigured security settings. The scan checks for compliance with the latest PCI DSS requirements.
Can I get help with the remediaton?
Yes, our team is available to help you understand how to remediate any vulnerabilities identified in the scan. We provide detailed guidance and recommendations to help you address issues and achieve compliance.
Is customer service available if I have a question?
Absolutely! Our dedicated US-based customer support team is available to assist you with any questions or concerns you may have about the scanning process, results interpretation, or remediation steps. You can contact us via phone, email, or live chat.
How much does PCI compliance cost?
We're currently offering new PCI customers their first year for only $349. This includes unlimited scans on up to 3 IPs or hostnames and unlimited support from our team of US-based security experts.