AnsweredAssumed Answered

PCI External Network Scan vs PCI Web Application Scan

Question asked by shanmugammanian on Dec 13, 2016
Latest reply on May 29, 2018 by djprakash

I could see below description for both PCI External IP scan vs Web Application Scans 


PCI External Network Scans
The Network section is where you manage your quarterly external network scans, per PCI DSS v3.0 requirement 11.2.2.
PCI Web Application Scans
The Web Applications section is where you manage scans of your public-facing web applications and review detected vulnerabilities, per PCI DSS v3.0 requirement 6.6.


 My Question is what is the basic difference between these two ? Is there any possibility of overlapping of vulnerabilities if we do the external IP and web Application scans if we do ? 


Is PCI External Network scans works based on VM module or PCI Web application scan works based on WAS module? Is there any extra checks or tests included for PCI ?  Or they are having less tests ?
I have tried to go through the guides but not able to fetch more info related to what are the things exactly scanned . 
Could someone  please help on this ?