McAfee TSA00M005PAA Processor Guide - Page 123

Overview of the certification process, Types of devices to scan

Get McAfee TSA00M005PAA - Total Protection Service PDF manuals and user guides
UPC - 731944556253
View all McAfee TSA00M005PAA manuals
Add to My Manuals
Save this manual to your list of manuals

Page 123 highlights

Using the SaaS Vulnerability Scanning Service Overview of the certification process Overview of the certification process This is the high-level process for maintaining compliance with certification standards for your network. PCI certification To maintain compliance with the PCI certification standards: 1 Take the self-assessment questionnaire. This is available on the PCI tab of the SaaS vulnerability scanning portal. It helps you identify the tools used by your website to process customer payment data. 2 Add devices to scan and configure scanning options. For Service Level, select Devices PCI. The Scan Frequency defaults to Quarterly, per the requirements for certification. You can also perform on-demand scans as needed. 3 View results of the scans and suggested remediation tasks (if vulnerabilities were found). Results and instructions for obtaining documentation to certify your compliance are provided on the portal. McAfee SECURE Trustmark To maintain compliance with the standards for McAfee SECURE trustmark: 1 Take the self-assessment questionnaire. (Recommended) This is available on the PCI tab of the SaaS vulnerability scanning portal. It helps you identify the tools used by your website to process secure information. 2 Add devices to scan and configure scanning options. For Service Level, select Devices McAfee SECURE. The Scan Frequency defaults to Daily, per the requirements for certification. You can schedule additional scans as needed. 3 Copy the trustmark code and place it on your website. The code and instructions for using it are available on the portal. 4 View results of the scans and suggested remediation tasks (if vulnerabilities were found). Results and instructions for obtaining documentation to certify your compliance are provided on the portal. If severe vulnerabilities are not resolved within 72 hours, the trustmark code becomes invisible on your site and an action item is displayed on the SecurityCenter. When the vulnerabilities are resolved and the site is scanned successfully, then the trustmark code becomes visible on your site again. Types of devices to scan Scans target two types of network components. • D evice - A single host, IP address, or domain name. • N etwork - A range of IP addresses. These scan targets are called devices on the SaaS vulnerability scanning portal. Before running scans, you must add each device you want to scan to your account on the SaaS vulnerability scanning portal. If you are unsure of the IP addresses to add, you can add a domain name and run a discovery scan to identify the IP addresses. 123 McAfee Total Protection Service Product Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
123
McAfee Total Protection Service Product Guide
Overview of the certification process
This is the high-level process for maintaining compliance with certification standards for
your network.
PCI certification
To maintain compliance with the PCI certification standards:
1
Take the self-assessment questionnaire. This is available on the PCI tab of the SaaS
vulnerability scanning portal. It helps you identify the tools used by your website to process
customer payment data.
2
Add devices to scan and configure scanning options. For Service Level, select
Devices
PCI
. The Scan Frequency defaults to
Quarterly
, per the requirements for certification.
You can also perform on-demand scans as needed.
3
View results of the scans and suggested remediation tasks (if vulnerabilities were found).
Results and instructions for obtaining documentation to certify your compliance are
provided on the portal.
McAfee SECURE Trustmark
To maintain compliance with the standards for McAfee SECURE trustmark:
1
Take the self-assessment questionnaire.
(Recommended)
This is available on the PCI tab of the SaaS vulnerability scanning portal. It helps you
identify the tools used by your website to process secure information.
2
Add devices to scan and configure scanning options. For Service Level, select
Devices
McAfee SECURE
. The Scan Frequency defaults to
Daily
,
per the requirements for
certification. You can schedule additional scans as needed.
3
Copy the trustmark code and place it on your website. The code and instructions for using
it are available on the portal.
4
View results of the scans and suggested remediation tasks (if vulnerabilities were found).
Results and instructions for obtaining documentation to certify your compliance are
provided on the portal.
If severe vulnerabilities are not resolved within 72 hours, the trustmark code becomes invisible
on your site and an action item is displayed on the SecurityCenter. When the vulnerabilities are
resolved and the site is scanned successfully, then the trustmark code becomes visible on your
site again.
Types of devices to scan
Scans target two types of network components.
Device
— A single host, IP address, or domain name.
Network
— A range of IP addresses.
These scan targets are called devices on the SaaS vulnerability scanning portal. Before running
scans, you must add each device you want to scan to your account on the SaaS vulnerability
scanning portal. If you are unsure of the IP addresses to add, you can add a domain name
and run a discovery scan to identify the IP addresses.
Using the SaaS Vulnerability Scanning Service
Overview of the certification process