logo
logo

Smart Security Scan

For a complete and detailed picture of all certificates, ‘open’ ports and vulnerabilities in your (web) applications and network environment.

The KeyTalk Smart Security Scan provides you with a detailed view of vulnerabilities in (web) applications and the network environment, such as TCP/UDP service scans, system configuration errors and expired SSL certificates.

What’s special is that you can use custom scanning scripts and commands, a large number of third party software integrations and your own scan packages and reports.

The Smart Security Scan is fully OWASP top 10 compliant, but we check more than that: Google malware, data leaks, shodan listing and DNS misconfiguration issues.

Smart Security Scan in Practice

The Smart Security Scan focuses on common vulnerabilities. By default, we check for SSL-related security problems. We display all measurable SSL/TLS certificates, including their validity, crypto keys used and algorithms. The status of ‘open’ gates is also included per IP, including connection support (TLS1.x and cyphers used).

  • Hosting: the Smart Security Scan is available as a virtual appliance and hosted as a service. Agent installation on server or end-point is not necessary.
  • Output: available as HTML or raw JSON data.

Technical details

The functionalities of the Smart Security Scan:

  • OWASP 10 2017/2018 compliant (XSS, SQLi, BAC, SDA, CSRF, API, SESSION and Auth)
  • General security test for web applications
  • Basic SSL security tests (valid and weak ciphers)
  • Extensive SSL Labs security tests (full SSL scan)
  • Google Malware validation
  • Data leak / leak investigation
  • SHODAN listing validation
  • TCP Network service scans
  • UDP Network service scans
  • BEAST/Poodle/Oracle/ SSL related scans
  • Mail server security scan (DKIM, DMARC, SPF, Spam, Blacklisting)
  • ShellShock
  • SQL Injection
  • Misconfiguration
  • WordPress security scans
  • Joomla security scans
  • Web application firewall tests
  • OWASP Secure Header tests
  • Custom reports
  • Create your own scan packages
  • Recurring scans
  • Implement custom security checking scripts
  • WSDL Security scans
  • PDF Reports
  • Planned scans
  • DNS Security
  • IP Blacklisting check (SPAM)
  • Mobile app
  • On-premises scanning
  • Easy application integration with custom code libraries
  • Easy application integration with our API

Would you like to know more?

Do you wish to be provided with a demo, Proof of Concept or directly technical in-depth consultation with one of our PKI experts? Feel free to contact us, we are happy to think along with you!

Contact us

Although we were one of the first customers to choose the combined S/MIME Management and Automation Service from GlobalSign & KeyTalk and we had to overcome some initial hurdles, we got fantastic support from the KeyTalk team and the service is working perfectly now. I would absolutely recommend their S/MIME Management and Automation Service to any company that needs easy-to-use end-to-end secure email communication. — Matteo Snidero, Head of IT @ Finance in Motion

Contact KeyTalk