Vulnerability Scans
- Select a website from at top-left
- Сlick 'Scan' > 'Vulnerability'
You can run two types of vulnerability scan:
- A scan that searches for known weaknesses in your content management system (CMS).
- The following CMS types are supported:
- WordPress
- Joomla
- Drupal
- ModX
- Typo3
- Scanned items include core site, current CMS version, plugins, themes, and more
- The 'CMS Scan' pane shows results from the last scan and lets you:
- Run on-demand scans your website
- Schedule a weekly scan
- You can view details about each vulnerability and read guidance on how to fix them
SOCaaP Web Protection scans your sites for the top-ten vulnerabilities published by the Open Web Application Security Project (OWASP). It automatically blocks any threats that it discovers.
- The 'OWASP Top 10 Scan' pane shows results from the last scan. From here, you can also:
- Run on-demand scans on a site
- Schedule a weekly scan
- The scan results show the number of threats in each OWASP category that were blocked by SOCaaP Web Protection. You can view descriptions on each vulnerability category
- You can also view scan reports for the last ten scans.
Background. OWASP is an online community that audits critical domain security issues and publishes the ten most widespread vulnerability categories. These categories help admins protect websites against the most serious security flaws. SOCaaP Web Protection checks whether your registered domains are vulnerable to the tests in the OWASP top ten and allows you to take remedial actions on those that fail. |
See the sections below if you need more help with each type of scan: