Quantum Leap Technique

Web Security is our Profession.

 

On the contrary to other products Web Scan Service offers you the most complex scanning technology and a sophisticated system as well as a maximum in quality by the execution of the web scans.

Web Scan Service searches straight for security vulnerabilities based on thousands of signatures and surely finds the hidden vulnerabilities, too. Now after we have aroused your interest, you surely ask the question how a web site scan is accomplished.

Therefore we made a small list of all steps to be made:

 

Pic. 1: Registration


Pic. 2: My Account - internal area


Pic. 3: Web Scan Service - scan project setup


Pic. 4: Report generation


Pic. 5: Vulnerability in detail

  • Login
    After a short registration (fewer than 7 fields) you will get access to all our products. In your intern personal section you will be able to conveniently test and buy our products (fig.1).
  • Selection
    After you decided to test or to buy the product you will automatically get access to one of our scan servers (fig.2).
  • Scan
    With the aid of the scan server you will be able to set up a scan (if you need help during the process we will be at your service anytime)and initialize the web scan (fig .3). The scan server consists of 3 different applications (Crawl-Engine, Scan-Engine, Report-Engine).

    After a web scan was initialized the Crawl Engine will start in order to find every existing page and to view the content. In the process the Crawl Engine will record every content, document and each link found. Afterwards the Crawl Engine will follow the found links in order to find any sub sites and starts the documentation. At the same time the Scan Engine will execute over 4000 tests on each found object, e.g. on a form.
  • Interpretation
    As soon as the Crawl Engine as well as the Scan Engine finished their tasks all found vulnerabilities or any sensible information will be transferred to the Report Engine. With the given information the Report Engine is able to produce a report of your choice and will send a notification to your email (fig. 4) The reports will be placed in your personal internal section where you have the possibility download them or even to directly view them.

    However the content and the extent of a report is depending on whether you made a scan with the aid of the test version or you used the regular version of the Web Scan Service.

    The report of a test scan only contains the extent of the found vulnerabilities but not the location or any additional details about the found vulnerabilities.

    The report of a regular scan contains all details about the found vulnerabilities, from the location to made test request which identified the vulnerability everything will be recorded.
  • Removal
    After the removal of any vulnerabilities with the aid of our report you always will be able to initialize another check scan which will compare the results of the made scan with the check scan and which will show you if the found vulnerabilities are still present (fig. 5).
  • Schedules
    If desired you can even determine so called scan intervals, e.g. daily, weekly, monthly, per quarter. This is of interest if you organize a dynamic web application which is proportionally altered very often within a short time frame.

    Moreover with the aid of certain scan intervals you will meet compliance requirements (e.g. PCI Data Security Standard). In addition the access to your scan results will be available for at least 12 months.