Re: Quarterly PCI Scan

[Chad McDonald <Mcdonald () AUDITS GA GOV>]

I strongly endorse Qualys.  The interface is easy to use.  The reporting and remediation recommendations are great.  
Service and support, for me have been top notch.



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY@LIS=
TSERV.EDUCAUSE.EDU] On Behalf Of Doug Markiewicz
Sent: Wednesday, August 20, 2008 8:21 AM
To: SECURITY () LISTSERV EDUCAUSE EDU 
Subject: Re: [SECURITY] Quarterly PCI Scan

Feehan, Patrick wrote:
> Have any of you had good or bad experience with PCI quarterly scan vendor=
s?

I've had positive experiences with Qualys.  Their reporting is much better =
than some other solutions I've seen.  Support staff was responsive and seem=
ed to know what they were doing.  Some approved scanning vendors are essent=
ially resellers of services like Qualys so be on the look out for that.  No=
 sense paying a middle man.





Sincerely, 
Chad McDonald, CISSP, CISA, PMP
Information Systems Auditor
 
State of Georgia
Department of Audits and Accounts
Information Systems Audit and Assurance Services Division
270 Washington St., SW
Room 1-156
Atlanta, Georgia 30334-8400
Phone:  404.651.8754
Fax:  404.657-5539



Georgia Audits made the following annotations on Thu Aug 21 2008 07:14:11
---------------------------------------------------------------------
 
NOTICE: This e-mail (including attachments) may contain information that is confidential and legally privileged. If you 
are not the intended recipient, you are hereby notified that you have received this document in error and that any 
review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this in 
error, please notify the sender immediately by replying to this message and then deleting it.  
Thank you for your cooperation.
---------------------------------------------------------------------