Full Scan Capabilities
Scans for website, host, and middleware vulnerabilities, as well as weak passwords.
Monitors the latest network vulnerabilities in real time, updates detection rules immediately, and detects asset risks promptly.
Harmless scan dynamically adjusts scanning frequency and analyzes how detection results are correlated.
In compliance with Huawei and Center for Internet Security (CIS) benchmarks, checks for configuration weaknesses to expose vulnerabilities.
Website Vulnerability Scan
Website vulnerabilities can lead to crippling impact on business and cause financial loss if not found and addressed at the earliest possible time.
Incorporates a vulnerability rule library for scanning all types of websites and produces comprehensive scan reports.
Security experts analyze the latest critical vulnerabilities and update rules to provide the fastest and most complete CVE vulnerability scan.
Host Vulnerability Scan (Coming Soon)
Hosts bearing critical services may be exposed to vulnerabilities and non-compliant configurations.
Performs multi-dimensional OS vulnerability detection and configuration checking.
Enterprises can choose to enact an intranet scanning policy on servers.
Weak Password Scan
Passwords are usually used for remote login to assets such as hosts or middleware. Attackers often use scanning technologies to hack usernames and weak passwords.
Scans for standard web services, all OSs, and 90% of all middleware, including databases.
Simulates hacker detection of weak passwords. You can also use your own weak password library to detect passwords.
Middleware Scan (Coming Soon)
Middleware helps develop and integrate complex application software flexibly and efficiently. If a hacker discovers and exploits vulnerabilities in the middleware, the security of the upper layer and lower layer is compromised.
Supports vulnerability scanning of foreground development frameworks, and background microservices, as well as configuration compliance scanning.
Chooses standard scan or custom scan to identify the middleware and its version in the server, and discover vulnerabilities and risks.
Enables specialized vulnerability scanning of assets, including web applications, hosts, middleware, and weak passwords.
Dynamically adjusts the scan speed, monitors the latest network vulnerabilities 24/7, and responds in real time.
SSH, RDP, SMB, MySQL, Microsoft SQL Server, MongoDB, Redis, Oracle, DB2, GaussDB, Postgres, and Telnet
SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and URL redirection
Port exposure, directory traversal, backup files, insecure files, insecure HTTP methods, and insecure ports
Command injection, code injection, XPath injection, Server-Side Request Forgery (SSRF), and deserialization vulnerabilities
Reading, inclusion, and upload of any file, and XML External Entity attack (XXE attack)
Critical vulnerability detection
Experts update detection rules upon discovering high-risk vulnerabilities, help locate the affected servers or websites, and provide detailed recommendations for resolving potential security issues.
VSS has been designed without dirty data into your database during scanning.
Intelligent scan speed control
Used for adjusting the scan speed based on site load, ensuring service continuity.
Generates a comprehensive scan report with detected vulnerabilities classified and provides the recommended actions to improve site defenses.
Allows you to customize scan rules, such as scan strength, to meet a variety of service requirements.
Collects, analyzes, and correlates statistics on each scan result, and displays the trends and vulnerability attributes in breakdown tables, helping improve vulnerability management.
Classifies vulnerabilities by severity and provides recommendations on how to fix each type.
Professional scan reports
Provides detailed information, including URLs, vulnerability names, and descriptions, that can be downloaded to a local PC.
Customization of login methods
Chooses the method best suited for you to log in, such as using the account and password or cookies.
Custom scan plugins
Selects specific plugins so you can scan specific types of vulnerabilities and quickly identify risks.
Sets the crawler user agent (UA) and excludes links from being crawled, enhancing scan security.
Customizes the start time of a scan, helping you avoid performance bottlenecks during peak service hours.