The scope covered the below:
- Perform quarterly vulnerability scanning for our customer as per the PCI regulations.
- Perform security vulnerability scanning with certified tools
- Verify all findings manually to discard the false positive results from the tool
- Create the PCI approved reports (executive summary, technical and attestation of scan compliance) quarterly
- Provide support in any security issues that are discovered and needs to be addressed