Internal and External Scanning
Scale large complex environments
The CoalfireOne scanning platform is robust and can scale to support large enterprise environments up to 1,000,000 internal targets and 100,000 external targets.
Manage your scans as a continuous project
Setup and configure projects to manage all your scanning needs. Scheduling your scans is as easy as creating a meeting in Outlook.
Dashboard and Overview
Our overview dashboard surfaces the most important information, highlighting what to do right away. Our intelligence engine will reduce the arduous task of meeting compliance, helping you discover the most important items to research and remediate to meet your compliant status.
Project level access control
Supports large complex enterprises that need to keep data segmented. Manage various scanning projects and delegate access and control to those individuals with a need to know.
Manage your in-scope assets
Import and setup scanning assets/targets. Quickly add and remove thousands of targets in bulk, see the schedules they are associated with, and get them scheduled in bulk.
View impacts to hosts
View aggregated information for individual hosts and vulnerabilities. Quickly get a view into the size and potential threats by seeing the entire picture.
In addition to everything the Internal and External scanning solutions offer, our ASV scanning solution is your easiest path to compliance. Our new platform is the most comprehensive ASV solution on the market. We can help you organize your ASV program, resulting in running fewer scans and managing fewer disputes, making it less tedious and time-consuming to reach compliance.
Leverage ASV-certified experts
Access to the CoalfireOne Scanning Services team is included with your subscription. Our ASV-certified professionals can help you understand compliance and how you can manage risk. As certified PCI ASVs we are authorized to provide guidance for the PCI scanning requirements, assist in determining scope, and work with you to address remediation or dispute of discovered vulnerabilities.
Submit and manage disputes efficiently
Handling most reoccurring disputes, which typically take days to complete, and manage them in minutes. CoalfireOne helps you focus on the newest findings, by associating formerly disputed findings, and making them accessible for resubmission, keeping your workload small and your quarterly compliance easy to manage.
Manage special hosts and notes
Reduce redundant efforts with documenting special notes, for every scan, to just a few minutes every year.
View vulnerability pass/fail information
Gain the ability to parse through the data according to your desired workflow. Understand what the vulnerability is, why it’s there, and get recommendations on how to fix it.
Generate reports for each of your project-enabled scans, including multiple AOSC’s.
Full-service vulnerability scans
The CoalfireOne Scanning Services Team manages your vulnerability scans using CoalfireOne, allowing unlimited rescans on demand throughout the subscription. We handle everything from setting up your scans, ensuring your scans are complete, analyzing results, submitting disputes, and providing a passing attestation.
The CoalfireOne Scanning Services Team becomes subject matter experts work directly with your organization’s personnel to scan your in-scope environment. The benefits include:
- Reducing costs - Save your organization the cost of hiring full-time employees.
- Strengthening team - Reduce the burden and increase staff productivity by refocusing them on priority business.
- Scheduling regular scans - Simplify PCI compliance by reducing the risk of missing quarterly compliance requirements.
Self-service vulnerability scans
You will self-manage vulnerability scans using CoalfireOne Scans, allowing unlimited rescans on demand throughout the subscription. Access to the CoalfireOne Scanning Services Team is available for support as needed.
Coalfire provides you with access to CoalfireOne Scans, our proprietary and powerful internal, external, and ASV self-service vulnerability scans platform to help you easily identify vulnerabilities. The benefits include:
- Staying ahead of adversaries - Manage scans from a secure dashboard for a range of organizational IP addresses.
- Scheduling scans - Scan when needed – on-demand or on a predetermined schedule to meet a deadline.
- Helping address vulnerabilities - Manage findings, remediation, and disputes online with assistance from PCI-certified ASV assessors, all within the user-friendly CoalfireOne Scans portal.
Scans Newsletter- October 1, 2019
Scans Notification- September 17, 2019
Scans Newsletter - July 1, 2019
Scans Notification - May 9, 2019
Scans Newsletter - April 1, 2019
Scans Notification - March 19, 2019
Scans Notification - March 7, 2019
Scans Notification - February 14, 2019
Scans Newsletter - January 10, 2019
Scans Newsletter - October 4, 2018
Scans Newsletter - April 3, 2018
Scans Newsletter - January 10, 2018
Scans Newsletter - October 2, 2017
Scans Newsletter - July 11, 2017
Scans Notification - June 14, 2017
Scans Newsletter - April 4, 2017
Scans Newsletter - January 10, 2017
Scans Newsletter - October 21, 2016
Scans Newsletter - August 8, 2016
Scans Newsletter - April 18, 2016
April 03, 2019, Beck Larson, Director, Coalfire Labs
As you may be aware by now (considering previous blog posts, ongoing walk-through webinars, and our press release), we released Coalfire’s brand new vulnerability scanning platform, CoalfireOne Scans, this morning. All of us here at the CoalfireOne Scanning Services Team are truly excited to see its many improvements around overall user experience, particularly the significantly reduced time spent on dispute cycles and the ability to create custom reporting. The new platform, which provides our PCI Approved Scanning Vendor (ASV) service featuring internal and external scans while enabling easy collaboration and project management, will provide users with smooth navigation, a robust database to ensure fast processing speeds, and scalable IP scanning capabilities. Read more
March 14, 2019, Travis Finn, Consultant, CoalfireOne Scanning Services
Part of the glamorous life of an ASV involves a rigorous Quality Assurance program to ensure that we are the best ASV's we can possibly be. Some of those efforts are not as readily apparent to our clients as others; but on some occasions, we like to share when our work directly benefits those who trust Coalfire to help reduce their risk and simplify compliance. Read more
February 22, 2019, Marco Brown, Associate, CoalfireOne Scanning Services
Gathering evidence, applying patches, and configuring your systems in preparation for submitting your vulnerability disputes can be a nerve-wracking and daunting task. To better enhance your understanding of the Approved Scanning Vendor (ASV) process, I’ve outlined some coping mechanisms and tools to use. Read more
January 18, 2019, James Cox, Support Analyst, CoalfireOne Scanning Services, Coalfire
Scan interference is best defined as when traffic from our scanners gets blocked, filtered, dropped, or modified in response to some sort of active protection system not recognizing our traffic. Once our scanners are flagged as an intruder, the client’s environment is no longer accessible, which causes the scan to fail. In order to ensure that reliable scans can be conducted, our scanners must be allowed to perform scanning without this interruption.. Read more
January 08, 2019, Erica Woods, Associate, Commercial Services, Vulnerability Assessments and Scanning, Coalfire
PCI-DSS can be challenging to navigate – particularly when it comes to the ASV scanning requirements. While fulfilling the scanning requirement is easy, obtaining a passing attestation report may involve more than simply remediating failed findings. One requirement that we receive many questions about is Special Notes. Read more
February 02, 2017, Rebecca Larson, ScanDesk Director, Coalfire
In the compliance realm, the term “quarterly” seems to be a sound and straight-forward term used to provide guidance and to aid entities in adhering to requirements. However, it’s meaning can vary based on its context in relation to dealing with various compliance requirements from your ASV and QSA. Read more