[CentOS] Recommendation for a Good Vulnerability Scanning Service?

Fri Feb 18 19:36:48 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Hi, there,

Michael B Allen wrote:
>
> Can someone recommend a good vulnerability scanning service? I just
> need the minimum for PCI compliance (it's a sort of credit card
> processing certification).

"Sort of"? ROTFL. You need a *serious* scan, commercially done AFAIK. The
*minimum* qualifications, I believe, are a 60 or 63 item questionaire; for
full PCI-DSS, it's something like 243 questions, and you need a full IT
dept.

I would *very* strongly recommmend that you talk to the bank or agency
that's asking you for this, and ask them for recommendations.
<snip>
         mark, who worked on a short term contract for Trustwave, who
                  does that (and is a root CA, as well)