ASV Scan Cost & Pricing: Simple, Transparent, No Surprises

$80 per IP, per year. That covers all four mandatory quarterly scans, six free rescans per quarter, your Attestation of Scan Compliance, and full portal access. No setup fees. No per-retest charges. No invoice surprises at renewal.

 

$ 80
/year ✦ Annual
Cost Per IP:  $80 / IP / year
Number of IPs / Domains 1 IP
1510152025
🚀

Need More Than 25 IPs?

Need to scan more than 25 IPs or domains?
Contact us for a custom plan tailored to your scale — volume pricing, dedicated support, and flexible billing.

Contact Us for a Custom Plan

Officially listed on the PCI SSC Approved Scanning Vendor directory. Verify on PCI SSC

What's Included in Every ASV Scan Price Point

Every Secusy plan includes the same full scope of service, whether you’re scanning one IP or twenty-five.

Automated external vulnerability scan across all in-scope IPs and domains

Findings report classified by severity: Critical, High, Medium, and Low

Pass/Fail determination per PCI DSS ASV Program Guide requirements

Attestation of Scan Compliance (ASC) document upon passing, accepted by banks and acquirers

6 free rescans per quarter, so a first-time failure never costs you extra

Secure portal access to all scan results and historical reports

Email and phone support included at every tier

Results delivered within 24 hours of scan initiation

Secusy ASV is officially listed on the PCI Security Standards Council Approved Scanning Vendor list. All scans are performed in accordance with PCI DSS ASV Program requirements.

How Many IPs Do You Need to Scan?

Your annual cost depends entirely on how many external IPs or domains sit within your Cardholder Data Environment. Nothing else.

 

 

Business TypeIPs in ScopeAnnual ASV Scan Cost
SaaS startup or small online merchant1–3 IPs$80–$240/yr
Growing e-commerce or mid-market business4–7 IPs$300–$490/yr
Multi-property, larger or complex infrastructure8–25 IPs $520–$1375/yr
Enterprise or complex multi-IP environment25+Contact us 

Not sure how many IPs are in scope? Contact our team and we’ll help you define your CDE boundary before you commit to a plan.

Not sure if you need an ASV scan? Use our free compliance checker.

How Secusy Compares

FeatureSecusy ASVTypical ASV Vendor
Transparent PricingOften quote-based
Starting Price$80/yearVaries
Quarterly PCI Scans
Six Free Rescans Per QuarterOften limited
Secure Reporting PortalVaries
Compliance Reports (AOSC)
Support IncludedSometimes extra
Enterprise Pricing

Why Do ASV Scan Prices Vary?

ASV scan pricing varies across vendors, and for good reason, three factors account for almost all of the difference. Here’s how each one works.

IP Count Is the Primary Cost Driver

The number of external IPs or domains in your Cardholder Data Environment (CDE) is the single biggest driver of ASV scan cost. At Secusy ASV, pricing is $80 per IP per year; straightforward, with no base fee on top.

Because PCI DSS requires quarterly scanning, that per-IP rate covers four scans annually. A single-IP environment costs $80/year, working out to $20 per quarterly scan. A 10-IP environment costs $800/year; still $20 per IP per scan, with no scaling penalty.

Before each scan cycle, audit your external IP footprint against your network diagram. Decommissioned servers, non-production environments, and IPs that don't touch cardholder data should not be in scope. Every IP removed from scope is four fewer scan events per year.

Retest Fees Are Where Budgets Break

A clean pass on the first scan is not guaranteed; particularly for first-time scanners. Open ports, outdated TLS versions, and misconfigured services are common findings on first scans. Once you remediate, you need to rescan. Many vendors charge $50–$200 per retest. Two or three remediation cycles before a clean pass adds $100–$600 on top of your headline plan cost.

Secusy ASV includes 6 free rescans per quarter across all environments. Your first scan failure does not result in an additional invoice. That changes the real cost comparison with vendors like Qualys ASV or SecurityMetrics considerably once retest fees are factored in; not just the headline per-IP rate.

Annual Billing vs. Pay-As-You-Go

Quarterly PCI DSS compliance is mandatory; you will need four scans per year, every year. Vendors that bill per scan make the per-scan price look lower, but the annual total is almost always higher than a fixed annual rate once retest fees are included.

Secusy ASV prices annually. Your total ASV scan cost is fixed at the point of purchase: $80 per IP, per year, with no additions at renewal.

Ready to get compliant?

Fixed pricing. Six free rescans per quarter. Results in 24 hours.

Frequently Asked Questions About ASV Scan Cost

At Secusy, $80 per IP per year, covering all four mandatory quarterly scans. A single-IP environment costs $80/year total, working out to $20 per quarterly scan. A 10-IP environment costs $800/year. No base fees, no per-retest charges on top.

A general vulnerability scan and a PCI ASV scan aren't the same thing. ASV scans must be performed by a PCI SSC-listed vendor using certified tooling and meet specific programme requirements. That's what determines the cost: not just the scanning itself, but the compliance infrastructure behind it. At Secusy, that starts at $80/IP/year.

The ASV scan scope covers all external-facing IPs and domains within your Cardholder Data Environment, servers, firewalls, load balancers, or any internet-accessible system that stores, processes, or transmits cardholder data. Internal IPs, test environments, and systems outside your CDE should not be in scope. Getting the scope right before purchase matters: every IP in scope is four scan events per year. If you're unsure, contact us and we'll help you define your CDE boundary before you commit.

Your scan report details every vulnerability found across your in-scope IPs, classified by severity: Critical, High, Medium, and Low. It includes a Pass/Fail determination against PCI DSS ASV Program Guide requirements. If you pass, your Attestation of Scan Compliance is issued from the same report. If you fail, the report tells you exactly what to fix before your rescan.

The ASC is the official document your acquirer or payment brand requires as evidence of a passing quarterly ASV scan. Secusy issues it immediately upon passing. It is accepted by all major banks and card brands globally.

You receive a detailed findings report with severity classifications and remediation guidance. Fix the identified issues and initiate a rescan. Secusy includes six free rescans per quarter at every tier. A first-time failure generates a report, not an extra invoice.

Yes. Six free rescans per quarter are included across all plans. Many vendors charge $50–$200 per retest; that's where budget overruns happen. At Secusy, your total cost is fixed at purchase regardless of how many remediation cycles you need before a clean pass.

Yes. Sign up, define your IP scope, and scans begin within 24 hours. Your findings report, historical scan records, and Attestation of Scan Compliance are all delivered through your secure portal; no manual coordination required.

Yes. Contact our team and we'll update your scope. If the change affects your IP count, your plan adjusts accordingly.

Our published pricing applies globally. If you have region-specific compliance requirements, invoicing needs, or currency preferences, contact us directly.