Why am I failing my PCI compliance vulnerability scan?

This article covers common reasons merchants may fail their PCI compliance vulnerability scan.

In order to become PCI compliant, certain SAQ profile types must pass a PCI compliance vulnerability scan. Common reasons for failing this scan are:

  • You have open ports that should be closed.
  • The incorrect IP address was entered for the scan.
  • You are hosting your own eCommerce website.
    • This can be done but is much harder to pass.
  • Your TLS versions are out of date.
    • SSL is no longer PCI compliant.

You can download a vulnerability scan executive report in Sysnet. To do so, complete the following:

1. Navigate to the Sysnet PCI Compliance Manager portal.

2. Log into your account.

3. Click Be Scan Compliant > Manage > Review your PCI DSS External Vulnerability scans.

4. Click Actions > Download > Download.

This report will give you more information on the scan itself and the results of the scan. If you have any questions about the vulnerability scan, contact Zomaron support.