I'm planning to scan based from PCI DSS policy and upon checking, there's a PCI option profile that can be used. I've checked this profile and observed that the profile configuration only based on the number of parallel scan, packet delay, and port scanning. It doesn't show any PCI DSS related information on it.
Also, there's a PCI technical and exec report available. Can I use this report for PCI DSS result? Moreover, I've created a PCI template for the report. Is it better to use this than the PCI technical or exec report? My colleague said that we could only use PCI tech and exec report if we our approved scanning vendor.
Hoping for your insights on this! Thanks in advance!