Thought I would post this for those who are concerned about PCI compliance and CS-Cart. Our site was scanned today for the first time since going live and PASSED the first time.
This was huge for us as it was the main reason we changed carts in the first place and after all the work of switching carts after 7 years on the same one, this makes it all worth it. 
[quote name=‘ywalker’]Thought I would post this for those who are concerned about PCI compliance and CS-Cart. Our site was scanned today for the first time since going live and PASSED the first time.
This was huge for us as it was the main reason we changed carts in the first place and after all the work of switching carts after 7 years on the same one, this makes it all worth it. :D[/QUOTE]
Excellent news, that has to be a welcome relief I would guess! 
Btw, what type of hosting environment are you using for your store?
[quote name=‘ywalker’]Thought I would post this for those who are concerned about PCI compliance and CS-Cart. Our site was scanned today for the first time since going live and PASSED the first time.
This was huge for us as it was the main reason we changed carts in the first place and after all the work of switching carts after 7 years on the same one, this makes it all worth it. :D[/QUOTE]
Congratulations! And thanks for sharing the positive news with us.
Bob
Just a quick note that a successful PCI scan does not mean CS-Cart is PCI compliant. It only means with your current configuration, the scan did not find any vulnerabilities. CS-Cart actually is not PCI compliant as it has not been certified by the PCI Security Standards Council. According to CS-Cart they are working on meeting this in a future build. There are a number of features and issues with CS-Cart that make it not PCI compliant.
Jeff
I am on a VPS with WiredTree hosting and I must say I am very satisfied with them so far. We threw a lot at them before the site launched and they were able to handle it. I also like the telephone support although opening a ticket also get’s fast response.
[quote name=‘jmottle’]Just a quick note that a successful PCI scan does not mean CS-Cart is PCI compliant. It only means with your current configuration, the scan did not find any vulnerabilities. CS-Cart actually is not PCI compliant as it has not been certified by the PCI Security Standards Council. According to CS-Cart they are working on meeting this in a future build. There are a number of features and issues with CS-Cart that make it not PCI compliant.
Jeff[/QUOTE]
Well Jeff, that’s all good too. That just means when they catch up, we are ready for them. That does not deflate my joy over passing the scan, I have had more than my share of failed scans with nothing I could do about it and I have been paying the fines imposed by my Bank for the past 5 months which will now go away.