this document is for:

Deployment: Invicti Platform on-demand
Package: Ultimate and Professional

PCI ASV scan

With Invicti Platform, you can efficiently perform PCI DSS scans through our Approved Scanning Vendor (ASV) partner, Clone Systems. This streamlined integration enables you to conduct official PCI DSS scans and generate approved compliance reports aligned with your organization’s security and regulatory needs.

warning

PCI ASV scans are available exclusively to Invicti Platform on-demand users. If your organization requires PCI ASV reporting, contact your Customer Success Manager (CSM) to activate this capability.

Prerequisites

Before running a PCI ASV scan, make sure your environment is configured for complete PCI coverage by adding the required IP addresses to your trustlist:

• Trustlist requirements for the US region
• Trustlist requirements for the EU region

Launch a PCI ASV scan

1. Select Scans  > PCI ASV scans from the left side menu.
2. Click New scan in the upper-right corner.
3. Choose the Scan target and specify how you would like to run the scan. The available options here are:
   • Immediately
   • Scheduled - refer to Scheduled future scan for more information.
   • Recurring - refer to Recurring scan for more information.
4. Click Start or Schedule scan, depending on the option you selected.
5. The scan appears on the PCI ASV scans page.

View scan detail

After starting a PCI ASV scan, you can view its details to monitor progress or review results:

• In Scans > PCI ASV scans, choose a scan from the list to open the detail page.
• Each scan shows a PCI compliance logo with the status: Passed or Failed.
• Scan duration and progress percentage are displayed.
• The scan activity section shows progress updates with timestamps.
• Use the Download ZIP button to download the reports.

Download PCI ASV reports

You can download the PCI ASV reports once a scan is completed (Passed or Failed):

1. In Scans > PCI ASV scans page, locate the completed scan.
2. Click Download last ZIP on the right.

Alternatively, open the scan detail by clicking on the completed scan and then click Download ZIP.

The ZIP file includes these three reports:

• Attestation report - official compliance confirmation
• Detailed report - full technical results
• Executive report - summary for management

Go to the settings, to configure the information you see in the reports. For instructions, refer to the PCI ASV settings document.

---

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center