Unlike the Qualys PCI Compliance dashboard, the new PCI provided by TrustedSite is closely integrated with our vulnerability scanning service. If you’re new to the service, you can find some helpful tips for getting started below.
Finding and managing your targets
After the migration, your targets can be found in the Scanning & Compliance menu under Targets.
You can see that a checkmark in the PCI column indicates that a target is currently in PCI scope with the PCI service active.
You can add or remove targets by clicking the Manage Services button at the top of the Overview page.
Scan results and false positives
Once your scans are completed, you can review scan results by clicking on a target and then selecting Scan Results in the top navigation bar. Under Vulnerabilities, anything that has a checkmark in the PCI column will cause you to fail your compliance scans.
In that same box, you’ll also see the option to resolve vulnerabilities. This allows you to submit false positives. Simply select vulnerabilities by clicking the checkbox and then hitting the Resolve Checked button.
Once submitted, the vulnerability will no longer appear in scan results. All resolved vulnerabilities are valid for 90 days and will be reviewed for approval with your next attestation report.
To generate a report, simply click on Reports in the left navigation bar and select the type of report you'd like to generate. Follow the prompts to complete the report.
Drafts, pending, approved or rejected reports will appear in the PCI Compliance section also accessed through the left navigation bar.