Video Training Link from 3/12/2018: https://www.dropbox.com/s/1p227ma5ug1qlj0/2018-03-12%2014.14%20Hackerguardian%20etc%20Training.mp4?dl=0
User Guides (Includes General info like acceptable validation documents and comparison of services, PCI Scanning services, hackerproof, and PCI control senter for Acquirers): https://www.hackerguardian.com/help/manualmainpage.html?track=8470&s_track=7639
Hackerguardian Standard scans up to 5 IP 's (only external)
Hackerguardian Enterprise scans up 20 IP's daily (internal and external)
Hackerproof is Hackerguardian Enterprise with a site seal.
_________________________________________________________________________________
HackerGuardian is Comodo's PCI scanning service which allows customers to perform scans on externally facing targets, and internally facing targets (only with an enterprise license).
HackerProof:
HackerProof is Comodo's daily vulnerability scanning service which performs daily vulnerability scans one one FQDN per license. If a customer passes the daily vulnerability scans, they are issued a Hackerproof Trust Mark logo. A HackerProof license also includes an enterprise HackerGuardian Scanning license.
***** HG/HP: It takes 1-2 Business days not including weekends or Holidays for any review of a False Positive or A Report Pack creation.
WebInspector:
Web Inspector is a cloud based service that inspects your website for malware, detects any vulnerabilities to being attacked and protects your website from thousands of security threats, daily! It also embeds PCI compliance scanning (HG/HP) for E-commerce websites that accept credit card payments, to keep them compliant with the payment card industry's mandatory standards. Free for 90 days but no phone support or trust seal.
Hackerguardian Documentation and Common Resources
HG scanner ip address: 178.255.82.64/27 - If they want to scan their internal network we have the HG Agent software which creates a VPN between the scanner and there network to bypass the firewall. Note that PCI only requires scanning external scanning by an ASV
Note that PCI only requires scanning external scanning by an ASV.
Hackerguardian FAQs - http://www.hackerguardian.com/hackerguardian/faqs.html
Hackerguardian User's Manual - http://www.hackerguardian.com/help/manualmainpage.html
HackerGuardian PCI DSS - https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-1.pdf
HackerGuardian Reporting False Positives - https://www.hackerguardian.com/help/view-report-dss.html#Report_False_Positives
SAQ 3.2 - https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2.pdf?agreement=true&time=1480359485710
Hackerguardian/Hackerproof Common FAQs
HG SAQ Guide w/Screenshots: HG SAQ Guide Release 15.0.odt
Comodo HackerGuardian JIRA Roadmap
https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OWASP-DV-001)