Smart Security Scan
For a complete and detailed picture of all certificates, ‘open’ ports and vulnerabilities in your (web) applications and network environment.
The KeyTalk Smart Security Scan provides you with a detailed view of vulnerabilities in (web) applications and the network environment, such as TCP/UDP service scans, system configuration errors and expired SSL certificates.
What’s special is that you can use custom scanning scripts and commands, a large number of third party software integrations and your own scan packages and reports.
The Smart Security Scan is fully OWASP top 10 compliant, but we check more than that: Google malware, data leaks, shodan listing and DNS misconfiguration issues.
Smart Security Scan in Practice
The Smart Security Scan focuses on common vulnerabilities. By default, we check for SSL-related security problems. We display all measurable SSL/TLS certificates, including their validity, crypto keys used and algorithms. The status of ‘open’ gates is also included per IP, including connection support (TLS1.x and cyphers used).
- Hosting: the Smart Security Scan is available as a virtual appliance and hosted as a service. Agent installation on server or end-point is not necessary.
- Output: available as HTML or raw JSON data.
Technical details
The functionalities of the Smart Security Scan:
- OWASP 10 2017/2018 compliant (XSS, SQLi, BAC, SDA, CSRF, API, SESSION and Auth)
- General security test for web applications
- Basic SSL security tests (valid and weak ciphers)
- Extensive SSL Labs security tests (full SSL scan)
- Google Malware validation
- Data leak / leak investigation
- SHODAN listing validation
- TCP Network service scans
- UDP Network service scans
- BEAST/Poodle/Oracle/ SSL related scans
- Mail server security scan (DKIM, DMARC, SPF, Spam, Blacklisting)
- ShellShock
- SQL Injection
- Misconfiguration
- WordPress security scans
- Joomla security scans
- Web application firewall tests
- OWASP Secure Header tests
- Custom reports
- Create your own scan packages
- Recurring scans
- Implement custom security checking scripts
- WSDL Security scans
- PDF Reports
- Planned scans
- DNS Security
- IP Blacklisting check (SPAM)
- Mobile app
- On-premises scanning
- Easy application integration with custom code libraries
- Easy application integration with our API
Would you like to know more?
Do you wish to be provided with a demo, Proof of Concept or directly technical in-depth consultation with one of our PKI experts? Feel free to contact us, we are happy to think along with you!