$80 per IP, per year. That covers all four mandatory quarterly scans, six free rescans per quarter, your Attestation of Scan Compliance, and full portal access. No setup fees. No per-retest charges. No invoice surprises at renewal.
Need to scan more than 25 IPs or domains?
Contact us for a custom plan tailored to your scale — volume pricing, dedicated support, and flexible billing.
Officially listed on the PCI SSC Approved Scanning Vendor directory. Verify on PCI SSC →
Every Secusy plan includes the same full scope of service, whether you’re scanning one IP or twenty-five.
Automated external vulnerability scan across all in-scope IPs and domains
Findings report classified by severity: Critical, High, Medium, and Low
Pass/Fail determination per PCI DSS ASV Program Guide requirements
Attestation of Scan Compliance (ASC) document upon passing, accepted by banks and acquirers
6 free rescans per quarter, so a first-time failure never costs you extra
Secure portal access to all scan results and historical reports
Email and phone support included at every tier
Results delivered within 24 hours of scan initiation
Secusy ASV is officially listed on the PCI Security Standards Council Approved Scanning Vendor list. All scans are performed in accordance with PCI DSS ASV Program requirements.
Your annual cost depends entirely on how many external IPs or domains sit within your Cardholder Data Environment. Nothing else.
| Business Type | IPs in Scope | Annual ASV Scan Cost |
|---|---|---|
| SaaS startup or small online merchant | 1–3 IPs | $80–$240/yr |
| Growing e-commerce or mid-market business | 4–7 IPs | $300–$490/yr |
| Multi-property, larger or complex infrastructure | 8–25 IPs | $520–$1375/yr |
| Enterprise or complex multi-IP environment | 25+ | Contact us |
Not sure how many IPs are in scope? Contact our team and we’ll help you define your CDE boundary before you commit to a plan.
| Feature | Secusy ASV | Typical ASV Vendor |
|---|---|---|
| Transparent Pricing | ✓ | Often quote-based |
| Starting Price | $80/year | Varies |
| Quarterly PCI Scans | ✓ | ✓ |
| Six Free Rescans Per Quarter | ✓ | Often limited |
| Secure Reporting Portal | ✓ | Varies |
| Compliance Reports (AOSC) | ✓ | ✓ |
| Support Included | ✓ | Sometimes extra |
| Enterprise Pricing | ✓ | ✓ |
ASV scan pricing varies across vendors, and for good reason, three factors account for almost all of the difference. Here’s how each one works.
The number of external IPs or domains in your Cardholder Data Environment (CDE) is the single biggest driver of ASV scan cost. At Secusy ASV, pricing is $80 per IP per year; straightforward, with no base fee on top.
Because PCI DSS requires quarterly scanning, that per-IP rate covers four scans annually. A single-IP environment costs $80/year, working out to $20 per quarterly scan. A 10-IP environment costs $800/year; still $20 per IP per scan, with no scaling penalty.
Before each scan cycle, audit your external IP footprint against your network diagram. Decommissioned servers, non-production environments, and IPs that don't touch cardholder data should not be in scope. Every IP removed from scope is four fewer scan events per year.
A clean pass on the first scan is not guaranteed; particularly for first-time scanners. Open ports, outdated TLS versions, and misconfigured services are common findings on first scans. Once you remediate, you need to rescan. Many vendors charge $50–$200 per retest. Two or three remediation cycles before a clean pass adds $100–$600 on top of your headline plan cost.
Secusy ASV includes 6 free rescans per quarter across all environments. Your first scan failure does not result in an additional invoice. That changes the real cost comparison with vendors like Qualys ASV or SecurityMetrics considerably once retest fees are factored in; not just the headline per-IP rate.
Quarterly PCI DSS compliance is mandatory; you will need four scans per year, every year. Vendors that bill per scan make the per-scan price look lower, but the annual total is almost always higher than a fixed annual rate once retest fees are included.
Secusy ASV prices annually. Your total ASV scan cost is fixed at the point of purchase: $80 per IP, per year, with no additions at renewal.
Fixed pricing. Six free rescans per quarter. Results in 24 hours.
A general vulnerability scan and a PCI ASV scan aren't the same thing. ASV scans must be performed by a PCI SSC-listed vendor using certified tooling and meet specific programme requirements. That's what determines the cost: not just the scanning itself, but the compliance infrastructure behind it. At Secusy, that starts at $80/IP/year.
The ASV scan scope covers all external-facing IPs and domains within your Cardholder Data Environment, servers, firewalls, load balancers, or any internet-accessible system that stores, processes, or transmits cardholder data. Internal IPs, test environments, and systems outside your CDE should not be in scope. Getting the scope right before purchase matters: every IP in scope is four scan events per year. If you're unsure, contact us and we'll help you define your CDE boundary before you commit.
Your scan report details every vulnerability found across your in-scope IPs, classified by severity: Critical, High, Medium, and Low. It includes a Pass/Fail determination against PCI DSS ASV Program Guide requirements. If you pass, your Attestation of Scan Compliance is issued from the same report. If you fail, the report tells you exactly what to fix before your rescan.
The ASC is the official document your acquirer or payment brand requires as evidence of a passing quarterly ASV scan. Secusy issues it immediately upon passing. It is accepted by all major banks and card brands globally.
You receive a detailed findings report with severity classifications and remediation guidance. Fix the identified issues and initiate a rescan. Secusy includes six free rescans per quarter at every tier. A first-time failure generates a report, not an extra invoice.
Yes. Six free rescans per quarter are included across all plans. Many vendors charge $50–$200 per retest; that's where budget overruns happen. At Secusy, your total cost is fixed at purchase regardless of how many remediation cycles you need before a clean pass.
Yes. Sign up, define your IP scope, and scans begin within 24 hours. Your findings report, historical scan records, and Attestation of Scan Compliance are all delivered through your secure portal; no manual coordination required.
Yes. Contact our team and we'll update your scope. If the change affects your IP count, your plan adjusts accordingly.
Our published pricing applies globally. If you have region-specific compliance requirements, invoicing needs, or currency preferences, contact us directly.