Meraki

Community
  • About PCIQSA

About PCIQSA

Re: Vulnerability Scan

by in Security & SD-WAN
12 hours ago
12 hours ago
Hello,   Thank you for the information. We understand that Meraki is a PCI DSS L 1 SP and that Cisco performs authenticated vulnerability scans on the infrastructure it manages as part of its own compliance.   However, this requirement remains a shared responsibility. Cisco’s authenticated scans cover only Meraki’s internal infrastructure, whereas our customer is required to perform authenticated vulnerability scans on their own PCI-in-scope network components including the Meraki appliances deployed in their environment.   In other words, Cisco’s scans do not replace the customer’s obligation to perform authenticated scans on devices within their PCI scope. This is why we are looking to confirm how authenticated scanning can be achieved on the customer’s side for their Meraki-deployed network components.   Kind regards, ... View more

Vulnerability Scan

by in Security & SD-WAN
13 hours ago
13 hours ago
Hello,   One of our customers uses Cisco Meraki for its network infrastructure, and as part of the PCI DSS requirements, we need to perform authenticated vulnerability scans. We have tested several approaches to initiate authenticated scans through Qualys, but unfortunately, none of them have been successful so far.   Do you have any recommendations or guidance on how this could be achieved, or alternative approaches that would be acceptable in this context?   Thank you in advance.   Kind regards, ... View more
Labels:
© 2025 Cisco Systems, Inc.