CoalfireOne℠ - Scans Newsletter

Jan 2017 | Volume 5

New Dispute Processes and Changes

We are excited to announce a change that will save time and add convenience for CoalfireOne℠ users!

To improve the scanning services Coalfire provides, we are making a change to Non-ASV scans, such as Internal scans or security-only External scans.

With these changes, any disputes submitted for Internal or Non-ASV External scans will be automatically accepted. PCI regulations do not require an ASV to review disputes for any Internal or general security External scan. This will eliminate the time-consuming process of having disputes reviewed in order to achieve a passing status, and allow more focus to be put on remediating the issues identified by the scan.

As always, if you have any questions about these changes or any scan questions, you can reach out to the ScanDesk support team by submitting a ticket to scandesk@coalfire.com.

Need Assistance Scanning?

  • Coalfire has added:
    • Training videos: to assist with creating internal/external scans and generating reports
    • User Guides: Additional documentation covering internal/external scans, PCI Scans, Lighthouse Installation and the disputing process.
  • To find the training videos and user guides, use the following link: http://one.coalfire.help/2016/10/19/vulnerability-scans/

Faster External Scans

  • External scans now run on parallel engines rather than individual external engines. This means that CoalfireOne is now 5 times faster at running external scans and will be maintaining higher scan loads.

To provide a higher quality of service for our internal scan customers, CoalfireOne will be migrating Lighthouse endpoints in the next few months. To prepare for this, we ask that you whitelist the following through your firewalls:

  • UDP port 1194 on 52.45.235.27
  • TCP port 443 on 52.202.185.133

Did you know?

  • Per PCI guidelines, disputes can be accepted for a period no longer than 90 days. CoalfireOne has a “Disputes by Vulnerability” option to lighten the load of submitting disputes from quarter to quarter.
  • Timely dispute response. Once a dispute is submitted, you will be informed within 5 business days whether it has been accepted or rejected. If the disputes have been rejected, a detailed explanation will be provided by a CoalfireOne representative.

Have a question about CoalfireOne?

The ScanDesk is ready to help. M-F: 6 AM-6 PM MT
650-597-4510 | scandesk@coalfire.com


Friendly Reminders

Scan at least Monthly

  • Vulnerabilities are discovered every day. Coalfire recommends that you run automatic scans at least monthly, so you’ll always have the current vulnerability information for your hosts. This also allows those who complete ASV scans to identify vulnerabilities on hosts sooner, allowing time to remediate before the end of the 90-day period.

Removal of SSL and early TLS

  • “SSL and early TLS have been removed as an example of strong cryptography in the PCI DSS. These protocols will no longer protect cardholder data – and can no longer be used as a security control after June 30, 2016 or June 20, 2018 for Merchants.” – PCI Council.
  • Even though the migration deadline for early TLS is June 20, 2018, a mitigation and migration plan is required to be in place now. As your ASV, Coalfire will not approve a dispute unless a migration and mitigation plan has been attested to.

CoalfireOne standard maintenance windows:

Every other Monday
4:00 - 6:30 PM PT

Every Thursday
12:00 - 3:00 PM PT