If you process credit cards online, in order to effectively protect your website against hackers, you should always perform the following two different types of Vulnerability Scans on your website - otherwise you could be leaving gaping holes in your online security.

The most important Vulnerability Scanner tool for online merchants is PCI Scanning

PCI Scanning is a type of vulnerability scan that is regulated by the PCI SCC (Payment Card Industry Security Standards Council), and is required to be performed regularly by any businesses that process credit cards.

In a nutshell, a PCI vulnerability scan seeks out and detects security holes in websites, servers, applications and networks. By checking these target systems against a database of known vulnerabilities, it can detect holes in a system where a hacker could potentially gain access and steal credit card data or other sensitive information. Once the PCI Scan is complete, it sends you a full report of any known vulnerabilities it finds, along with helpful instructions on how to resolve it, so that you can prevent any security breaches from happening to your business

The second most important Vulnerability Scanner is Malware Scanning

While PCI Scanning is ideal for finding any external vulnerabilities and plugging any undiscovered security holes, it isn’t really made to detect any malicious files that already existed before the scan, or that happened to make it through due to human error or a new vulnerability. This is where malware vulnerability scanners come in handy.

Typically a malware scanner searches your files for suspicious or malicious code, based on patterns from millions of data points that have been collected from other websites across the internet. Using heuristics, or artificial intelligence, when a questionable piece of code is located on one of your pages, the malware scan detects it and alerts you, so you can investigate it and remove it before it causes any serious issues or problems.

In Today’s world, you need both PCI Scanning and Malware Scanning

A perfect example of why you need both types of scans can be easily illustrated using the example of a fridge full of cheese and a mouse.

Having PCI Scanning only is like having a fridge with a hole in it where mice can get in and steal your cheese. If you check the fridge for holes and seal them off, then the fridge is safe from mice (in theory). But, what if the mouse was already in the fridge before you sealed the hole? Or, what if the mouse finds a new hold that you didn’t find originally? The mouse could eat all your cheese!

On the other hand, having Malware Scanning only is like having an alarm that goes off anytime a mouse gets in the fridge. Thanks to the alarm you could easily catch the mouse, but if you don’t seal the hole that let the mouse in in the first place, then more mice could keep getting into the fridge and setting off the alarm.

Bottom line, if you don’t have both PCI Scanning and Malware Scanning, then you are opening up your business to unnecessary risk that could potentially lead to a breach.

Are there any Security Solutions that provide both PCI and Malware Scanning together?

With so many companies being breached by hackers, you need both solutions working together to actively protect your website. A vulnerability scanner, like Trust Guard®, can play a vital role in preventing any cyber attacks from happening, by scanning your website daily using the latest External PCI Scanning and Internal Heuristic Malware Scanning solutions - all in a simple, effective, easy to use control panel.