Remote Monitoring & Management Help

RI PCI Scan - Internal PCI Compliance Scan Report

The Internal PCI Compliance Scan Report is based on the information returned from the RI PCI Scan Automated and incorporates both the PCI DSS Requirements and CVSS Scored results for the selected device.

Device Details

The first section provides basic information on the date and time the Assessment Completed, along with Device identifiers including its IP address, Host name and Operating System Platform.

Evaluation Section

The Evaluation Section contains the summary information for both the PCI DSS Requirements and CVSS Scored Results.

For both indicators the overall Status (Pass or Fail) is displayed, along with their Metrics; an overview of the requirements or scores: In Place, Not in Place or Not Evaluated (PCI DSS Requirements) or High, Medium or Low (CVSS Scored Results).

This section contains the Vulnerabilities by CVSS Severity and Patches by CVSS Severity (where this information is available) including the total number of items for each severity along with their graphical representation. Hover over a segment to display the number of items it contains along with its percentage value.

Details about Scoring

CVSS (Common Vulnerability Scoring System) provides standardised scoring with each vulnerability assigned a severity of High, Medium or Low.

A vulnerability with a High level of severity will fail PCI compliance whereas vulnerabilities with Medium or Low severity levels will generally pass PCI compliance.

CVSS Score

Severity

7.0 - 10.0

High

4.0 - 6.9

Medium

0.0 - 3.9

Low

 

PCI Details

This section outlines the various PCI Compliance requirements with each Requirement containing a description and each component providing details of the PCI DSS Requirements, the Testing Procedures and Result.

Patch & Vulnerability Summary

Where available this section contains details of those vendors where a vulnerability and / or missing patch was discovered for their products, including a list of potential fixes. To provide an indication of issue coverage for each of these vendors, the percentage of issues in the Report that are related to this vendoris also displayed.

Show Patch & Patch Scan Details

Click Show Patch & Patch Scan Details to list information on the discovered vulnerabilities along with their CVSS score and an External Identifiers vendor reference and / or link to the National Vulnerability Database for additional details.

This section also displays the open and listening TCP/IP Network Ports on the device and a link to the IANA Port References.

Click Hide Patch & Patch Scan Details to contract this section.

View as PDF

To view the Report as a PDF simply click the PDF Version to open the PDF Report in a new window. Please note that the PDF version contains the Device Details, Evaluation Section, Patch & Vulnerability Summary along with Show Patch & Patch Scan Details.

maxri_pci_report

Please note that we are not responsible for the content of external sites.