Official PCI ASV Scan Pricing

Annual, prepaid subscriptions with quarterly PCI DSS ASV scans, unlimited re-tests (90-day window), and encrypted reports. Choose a plan below, then add IPs or services as needed.

Best value

Standard

$299 / year
  • PCI ASV scan for 1 IP or domain
  • Quarterly ASV scans
  • Unlimited re-tests within 90 days
  • Encrypted PDF report & ASV attestation
  • Email support (next-business-day)
Get Standard — $299/yr Start Free Scan

Entreprise

$399 / year
  • Everything in Standard
  • PCI ASV scan for 5 IPs or domains each quarter
  • 30-min remediation review each quarter
  • 48-hour express re-test after fixes
  • Priority email support (same-day)
Get Entreprise — $399/yr Have questions?

Add-ons

Start with a plan, then add what you need. IP packs are recurring; services are one-time.

Scale IPs

+5 IPs/Hosts

$149 / year

Stacks with your plan. Add more IPs as your footprint grows.

Add to order
Docs

Policy Pack Templates

$99 one-time

Editable DOCX: AUP, Incident Response, Access Control, Password, & more.

Add to order
Expert help

Priority Call + Express Re-test

$79 one-time

Remediation call and an expedited re-test for your next scan cycle.

Add to order
All-in-one

Managed PCI Bundle

$699 / year
  • ASV Plus plan
  • SAQ Done-For-You
  • Policy Pack Templates
  • Quarterly 30-min review call
Get Managed Bundle — $699/yr
Tip: Most single-site merchants start on Standard at $190/yr and add an IP pack only if needed later.

FAQ — PCI ASV Scans & Compliance

What is a PCI ASV Scan?

A PCI ASV Scan is a quarterly external vulnerability scan performed by an Approved Scanning Vendor (ASV) as required by the PCI DSS. It generates an official Attestation of Compliance (AoC) accepted by acquiring banks and processors.

How often do I need a PCI ASV Scan?

PCI DSS requires quarterly PCI ASV scans (every 90 days) and re-scans after remediation until you pass. Our plans include unlimited re-scans at no extra cost.

What happens if my PCI ASV Scan fails?

No worries — you can fix the issues and rerun the scan as many times as needed until you pass. Each re-scan is included in your subscription.

Will my bank accept the PCI ASV Scan report?

Yes. Reports and attestations are issued via an Approved Scanning Vendor (ASV), and are bank-ready for PCI DSS compliance validation.

What counts as one “target” for a PCI ASV Scan?

One target is either a single public IP address or a single domain. If you operate multiple domains or servers, each requires its own target license.

How long does a PCI ASV Scan take?

Most scans finish in 1–4 hours depending on the network and scope. You’ll receive an email notification when the report is ready in your portal.

Can I switch targets during my PCI ASV Scan subscription?

Yes. You can update which IP/domain is covered as your infrastructure changes, as long as you stay within the number of targets in your plan.

Can I upgrade if I need more PCI ASV Scans later?

Absolutely. You can move from 1 target ($190/yr) to 10 or 25 targets, or request a custom quote. We’ll prorate your subscription so you only pay the difference.

How do billing, refunds, and cancellations work?

Subscriptions are annual. We offer a 7-day money-back guarantee if no scan has been executed. You can cancel renewal anytime from your customer portal.

icon 1,650 PCI scans performed this month