Web Inspector PCI Services - General FAQ
What's the difference between the Web Inspector PCI services?
Web Inspector PCI Scan Compliancy
The PCI Scan Control Center is an on-demand, vulnerability assessment scanning solution to enable merchants and service providers to achieve PCI scan compliance.
After each scan, users receive a comprehensive vulnerability report detailing any security issues with remediation advice and advisories to help fix them.
Following a successful scan (no vulnerabilities rated higher than CVSS base score 4.0), merchants receive an official PCI compliance report that can be sent to an acquiring bank.
The Standard version enables merchants to run 10 PCI scans per quarter on up to 5 IP addresses using the full complement of over 21,000 individual vulnerability tests. The Enterprise version is a more powerful and flexible service which provides for up to 100 scans per quarter on 20 IP addresses.
Web Inspector Free PCI Scan
The Free PCI Scan service is valid for 90 days and allows merchants to achieve PCI scan compliancy free of charge. The service contains all the functionality of the Scan Compliancy but restricts the user to 5 PCI scans per quarter on a maximum of 3 separate IP addresses. The service generates an official 'PCI Compliant' report after every successful scan but does not include a Payment Credential CVC.
Why do I need vulnerability scanning if I have an SSL certificate?
SSL certificates do not secure a web server from malicious attacks or intrusions.
High assurance SSL certificates such as Instant SSL provide the first tier of customer security and reassurance, namely:
- A secure connection between the customer's browser and the web server
- Validation that the web site operators are a legitimate, legally accountable organization
Is there a User Manual for Web Inspector?
There is an online manual at the following location: http://help.comodo.com/topic-208-1-490-5111-Introduction-to-Comodo-Web-Inspector.html