beSECURE will test your IPs by sending thousands of queries (tests) from our IP addresses. A hacker will use a botnet to send one query (attack) to your IP address from a thousand (or ten thousand) other IP addresses.
After the first 12-200 of our tests arrive at one of your IP addresses, your Intrusion Protection System (IPS) will properly identify our IP address as an attacker and will stop accepting any further traffic from it. So our full test range will not have a chance to produce a result.
A hacker can easily get all their tests done because they are doing relatively few tests from each IP address. They slip in under the IPS radar.
The PCI Data Security Standard requires that you whitelist the IP address of the testing company (ASV).
For a list of IP addresses to whitelist, see What IP addresses do I need to whitelist?