Website and web app testing that reveals code, operating system, server and firewall risks.
Easy to set up website testing
Just give us your domain name and email address and WSSA website vulnerability scanner will audit your web site code, applications, firewall AND the servers that host your site. There is no software to download, script to install or equipment to purchase. At the completion of each scan we will provide a complete report of the risks we discovered - ranked according to their severity - and recommend actions you, your host or technical staff need to take to eliminate them.
Fast report delivery
Get your reports fast. Use our automated sign up and get your web site scan started now and completed within 24 hours.
Choose the Scan Frequency You Need: Monthly, Weekly or Daily
Included in Basic Service is one scan a week which is suitable for blogs or sites that do not have credit card processing . For sites that process payment transactions or collect confidential information from site visitors we recommend Standard or Advanced Services and a daily scan.
Increase sales with a Beyond Security seal for your site
Let your customers know how hard you work to ensure their safety and security. Gain their confidence and increase your sales by installing the Beyond Security seal early in the checkout process and on any pages that request customer data. Get the seal with Standard or Advanced Service levels.
Thorough scanning of your site, servers and firewall
In addition to testing your pages for Remote File Inclusion, Cross Site Scripting, SQL Injection, PHP/ASP Code Injection, Directory Traversal and File Disclosure, we'll test over 5,000 families of vulnerability and run thousands of tests on your server. We'll test your site, firewall and servers beyond the level required for PCI Compliance.
New risk updates daily
Our security team has decades of cumulative experience and we host the world's most frequently used reference site in the field of internet and network security: SecuriTeam.com. We are often the first to discover new vulnerabilities and are known as a source of early risk alerts within the security industry. We incorporate newly discovered issues into the WSSA test database and with each scan you will be notified of any new risks.
False positive prevention
Some commonly found combinations of software and hardware can appear to have a high risk even when none exist. WSSA will perform extra checks to prevent false reporting of risks that don't actually exist.
Risk solution recommendations
WSSA provides you and your tech team with specific recommendations that will resolve issues that are discovered. Recommendations may include code revision, settings changes, software updates and operating system patches. Save time on researching for solutions and know that the actions you take will handle the risks we have discovered.
Complete, actionable reports
Our online, interactive reports include an overview for executives to measure progress made in reducing risks. And for the technical staff we provide links to more information about each risk and links to equipment vendor sites for updates and patches.
Security risk alerts by email
Receive an email alert when a scan reveals a new security risk on your site or equipment. New risks are discovered and tests to discover them are added to the WSSA test database often, so your daily scan will occasionally reveal settings or patches that may have been okay yesterday, but now need attention.
New vulnerability alerts
Keep up to date on the international security scene with our email alerts. When new hacks are devised and implemented anywhere in the world, our staff will be the first to know. Even if a new vulnerability doesn't affect you now, your familiarity with new developments will help you stay ahead of the game.