CoalfireOne℠ - Scans Newsletter

October 21, 2016 | Volume 4

New Dispute Processes and Changes

We are excited to announce a change that will save time and add convenience for CoalfireOne℠ users!

To improve the scanning services Coalfire provides, we are making a change to Non-ASV scans, such as Internal scans, or those who opt for security-only External scans. 

With these changes, any disputes submitted for Internal or Non-ASV External scans will be automatically accepted. PCI regulations do not require an ASV to review disputes for any Internal or general security External scan. This will eliminate the time consuming process of having disputes reviewed in order to achieve a passing status, and allow for more focus to be put on the remediation of the issues identified by the scan.

As always, if you have any questions about these changes or any scan questions, you can reach out to the ScanDesk support team by submitting a ticket to

Reminder of New Scanning Engine IPs

 This upgrade was completed on September 25th, 2016.

The new scanning engine IP addresses are:


The new IP addresses for the scanning engines will need to be whitelisted if the previous IP addresses had been whitelisted and the old IPs (, should be removed from any whitelisting.

Did you know?

  • Per PCI guidelines, disputes can be accepted for a period no longer than 90 days. CoalfireOne has a “Disputes by Vulnerability” option to lighten the load of submitting disputes from quarter to quarter.
  • Timely dispute response. Once a dispute is submitted, you will receive information if the dispute has been accepted or rejected within 5 business days. If the disputes have been rejected, a detailed explanation will be provided by a CoalfireOne representative.

Have a question about CoalfireOne?

The ScanDesk is ready to help. M-F: 6 AM-6 PM MT
650-597-4510 |

<< Go Back


CoalfireOne℠ Overview

Coalfire's CoalfireOne℠ SaaS solutions provide the testing, scanning, documentation, reporting tools, and auditor support you need to effectively maintain organization compliance while ensuring protection from data breaches.

CoalfireOne services include:

  • PCI
  • Internal/External Scanning
  • Financial Services
  • Risk Management

"SSL and early TLS have been removed as an example of strong cryptography in the PCI DSS – these protocols will no longer protect cardholder data - and can no longer be used as a security control after June 30, 2016 or June 20, 2018 for Merchants.”

- PCI Council

CoalfireOne standard maintenance windows:

Every other Monday
4-6:30 PM PT

Every Thursday
12-3 PM PT