RedHat has PCI DSS compliance scanners and utilities. Pricing can be found on their website or by callling directly. CentOS generally gets many PCI DSS compliant backports by RedHat but they may have their own tools. There are also third party scanners from companies such as Comodo.
I must admit that I don't understand how an external scanner can reliably audit for PCI DSS given that it can only see a limited set of information that you let it see. How much can be hidden? I think the internal tools sound worthy of investigation.
I second to that – along with third party tools, it’s essential to use internal tools as well. And if possible, hire a certified consultant for PCI DSS certification. It helps to mitigate the security gaps quickly.
