Smart Security Scan

Smart Security Scan

For a complete and detailed picture of all certificates, ‘open’ ports and vulnerabilities in your (web) applications and network environment.

The KeyTalk Smart Security Scan provides you with a detailed view of vulnerabilities in (web) applications and the network environment, such as TCP/UDP service scans, system configuration errors and expired SSL certificates.

What’s special is that you can use custom scanning scripts and commands, a large number of third party software integrations and your own scan packages and reports.

The Smart Security Scan is fully OWASP top 10 compliant, but we check more than that: Google malware, data leaks, shodan listing and DNS misconfiguration issues.

Smart Security Scan in Practice

The Smart Security Scan focuses on common vulnerabilities. By default, we check for SSL-related security problems. We display all measurable SSL/TLS certificates, including their validity, crypto keys used and algorithms. The status of ‘open’ gates is also included per IP, including connection support (TLS1.x and cyphers used).

  • Hosting: the Smart Security Scan is available as a virtual appliance and hosted as a service. Agent installation on server or end-point is not necessary.
  • Output: available as HTML or raw JSON data.

Technical details

The functionalities of the Smart Security Scan:

  • OWASP 10 2017/2018 compliant (XSS, SQLi, BAC, SDA, CSRF, API, SESSION and Auth)
  • General security test for web applications
  • Basic SSL security tests (valid and weak ciphers)
  • Extensive SSL Labs security tests (full SSL scan)
  • Google Malware validation
  • Data leak / leak investigation
  • SHODAN listing validation
  • TCP Network service scans
  • UDP Network service scans
  • BEAST/Poodle/Oracle/ SSL related scans
  • Mail server security scan (DKIM, DMARC, SPF, Spam, Blacklisting)
  • ShellShock
  • SQL Injection
  • Misconfiguration
  • WordPress security scans
  • Joomla security scans
  • Web application firewall tests
  • OWASP Secure Header tests
  • Custom reports
  • Create your own scan packages
  • Recurring scans
  • Implement custom security checking scripts
  • WSDL Security scans
  • PDF Reports
  • Planned scans
  • DNS Security
  • IP Blacklisting check (SPAM)
  • Mobile app
  • On-premises scanning
  • Easy application integration with custom code libraries
  • Easy application integration with our API

Would you like to know more?

Do you wish to be provided with a demo, Proof of Concept or directly technical in-depth consultation with one of our PKI experts? Feel free to contact us, we are happy to think along with you!