Approved scanning vendors

ASV scans are a hard requirement of the PCI DSS standard. To help you with this area of PCI compliance, Bulletproof are certified by the PCI Security Standards Council to provide ASV scanning. These scans go further than a traditional VA scan and depend on the skill of our highly trained and qualified employees.

We’re certified by the PCI Standards Security Council (PCI SSC)

Certified by the PCI Security Standards Council (PCI SSC)

ASV scans are required as a part of PCI DSS compliance

ASV scans are a mandatory part of PCI DSS

In-depth test of your online security defences

A good test of your cyber security posture

Available as a stand-alone scan or as a part of a compliance package

Packages and one-off scans available.



Simple scan management

As part of our commitment to innovating better security technologies, we've developed a comprehensive, easy-to-use compliance portal. This is a single pane of glass for businesses to manage every aspect of their ASV scans, including conducting scans, storing reports, submitting evidence and compensating controls, and more.


Expert PCI DSS compliance from Bulletproof

Bulletproof were the first in the UK to become a PCI DSS v3.2 Level 1 Service Provider. Our years of experience mean we can help your build strong compliance measures into your business, including PCI-compliant hosting, penetration testing, consultancy-based support , and more.


  • Bulletproof are CREST approved

    CREST approved

  • Bulletproof are ISO 27001 and 9001 certified

    ISO 27001 and 9001 certified

  • Bulletproof are Tigerscheme qualified testers

    Tigerscheme qualified testers

  • Bulletproof are a PCI DSS v3.2 Level 1 service provider

    PCI DSS v3.2 Level 1
    service provider

  • Bulletproof have 24/7 on-site Security Operations Centre

    24/7 on-site Security
    Operations Centre

Frequently asked questions

What is an ASV scan?

An ASV scan is essentially a more in-depth vulnerability scan that can only be performed by an Approved Scanning Vendor (ASV). An ASV scan will scour your network and flag up any vulnerability found, allowing you to take action against them. Quarterly scans are mandatory under PCI DSS compliance.

Who needs an ASV scan?

ASV scans are a requirement for PCI DSS compliance. Any company handling credit card information needs to remain PCI compliant. Any company looking to become compliant and those looking to maintain compliance will need to undergo quarterly ASV PCI scans.

How much does an ASV scan cost?

Such scans are usually grouped in with a PCI compliance project. On their own, the price can vary depending on the scope. The larger the environment, the longer the scan will take. An approved scanning vendor will be able to give you an up-to-date quote.

Get a quote today

If you’re interested in our services, get a free, no obligation quote today by filling out the form below.