Set permanent PCI Scan Dispute?



  • Official comment
    Abby Kincer

    Hi @... - from our backend, looks like you got help with this in a Support ticket! I'm sharing a high-level summary of the answer in case other users have the same question -

    The PCI Council forbids this and so, from a PCI perspective, not much can be done but to address the underlying cause. Creating an exclusion rule could cause us to miss reporting on a bad server when using a similar port.

    Per the PCI Council: "Not carry dispute findings forward from one quarterly scan to the next by the ASV. Dispute evidence must be verified and resubmitted by the scan customer, and evaluated again by the ASV, for each quarterly scan."

    If a resolution becomes available, we will certainly communicate that with you here!

  • Avatar
    Abby Kincer

    Hi @... - thanks for reaching out and I'm sorry to hear you're having trouble with our PCI scans. I'm working on getting you info to help with this right now, and I'll report back soon.


Please sign in to leave a comment.