Rapid7: First ASV having its employees qualified as per the new PCI requirements

Blog Post created by techeditor on May 21, 2011

Originally Posted by Didier Godart


Rapid7 is one of the 152 worldwide vendors approved by PCIco (the compliance body) to perform PCI scans of merchants and service providers’ external infrastructures.


To be considered ASV (Approved Scanning Vendor), a company must pass an annual test consisting of a scan of a specific vulnerable infrastructures (Lab) controlled by independent laboratories on behalf of PCIco.


As of mid-April 2011, in addition to the above annual testing PCIco requires that two of the ASV employees get qualified as QAE (Qualified ASV Employee).


This new certification consists of an online training of 7 modules (237 slides) about everything one could ever know about PCI. Candidates have 14 days to take the course and associated test (60 questions).


As usual Rapid7 took the  initiative and immediately registered two candidates.


Today we are proud to be the first of the 152 ASVs out there  having completed this process.


Having our employees qualified is the best way to serve our customers.


Didier Godart