Case Study: Czech Airlines achieves automated PCI DSS compliance and streamlined vulnerability management with Qualys

Czech Airlines - Customer Case Study

Czech Airlines, a major international carrier, needed a more effective way to manage IT vulnerabilities and meet PCI DSS requirements across its Prague core systems and global offices. Its previous mix of open‑source tools and quarterly ASV scans produced individual HTML reports, many false positives, and required days of manual parsing—an unsustainable burden as the infrastructure grew.

The airline deployed QualysGuard, an on‑demand, ASV‑certified vulnerability management service that automated frequent scans and delivered accurate, actionable reports. The result: regular automated scanning of external, internal and PCI systems, far fewer false positives, elimination of the monthly manual report work, more efficient risk management, and maintained PCI compliance at no additional external cost, with plans to expand coverage and integrate results into their ticketing system.

Czech Airlines

Tomas Fencl

Security and Technical Architect