CheckScan+ is fully supported throughout the scanning engagement, from scoping and configuring your scans, to helping you understand and analyse your results. The service gives you access to technical support that is provided by our security consultants. We are available to explain the results in greater depth, remove false positives and provide remediation advice once initial testing is complete.

Basic Support included with all licenses

Through the Vulnerability Scanning platform we offer unlimited access to industry leading scanning technology. The SaaS portal allows you to configure and manage your own scans on a frequency that suits your business need.

Supported Feature Highlights included:

  • Full access to unlimited Scans
  • Administrative Support access via our helpdesk for basic queries such as FAQ’s
  • Access to FAQ’s support page
  • Notification of new updates/vulnerability discovery

Full managed testing service

The CommSec managed Scanning Service combines industry leading application / infrastructure scanning technology and security expertise from our team of consultants. The hybrid service is designed for those who seek the assurance that consultant guided testing can provide.
The CommSec Managed service is fully supported throughout the scanning engagement, from scoping and configuring your scans, removal of false positive results and post scan support to help you understand and analyse your results.

Managed Service Feature Highlights

  • CommSec’s complete management of the scanning process from Schedule, Configure and Manage.
  • Receive sanitised reports that are free of false positives with each vulnerability verified through safe exploitation.
  • 8/5 Technical Support, Remediation Advice provided via Security Consultants
  • All Managed Service Scanning customers have full access to the SaaS tool outside the managed service. Provision your own scans on an unlimited frequency within your licence band in addition to your consultant guided scans.

Support Option Matrix

Feature Basic Support Full Managed Testing Service
Unlimited frequency of scans within your licence band
5/8 Administrative Helpdesk Support on basic FAQ’s
Unlimited Users, Unlimited Reporting
5/8 Technical Telephone support via Team of Security consultants
GoScript writing
Post Test remediation advice
Assistance with remediation and removal of vulnerabilities
CommSec’s complete management of the scanning process from Schedule, Configuration and Manage

Our Process

Our security consultants examine your web application identify the technology behind it. From information gathering we can determine the optimal scanning profile that will benefit your web app. After the scan process has finished our security consultants review and validate the scan results. This eliminates false positives that may have been found in the scan results. From the confirmed vulnerabilities a report is generated with remediation techniques and advice.


A login portal is available to check the progress of your vulnerabilities, assets, and scans. This dashboard can be customized with different views including vulnerability tracker, OWASP Top 10 vulnerabilities, most vulnerable hosts and recently discovered vulnerabilities.

1.1.1 Dashboard – Overview

Dashboard – Confirmed Vulnerabilities

checkscan dashboard

Dashboard – Assets & Scope

checkscan dashboard

Scan Profiles

Checkscan+ provides numerous types of scan profiles that are used to identify vulnerabilities on your applications and infrastructure. Scans profiles include GDPR, Penetration Testing, Crypto Mining Malware Scans, SQL Injection and Card Skimming profiles.

  • Standard Scan – Scan Profile for most cases includes form scanning
  • Standard Scan (No Forms) – Scan Profile avoid scanning forms
  • GDPR Deep-Scan – Scan Profile finds high impact vulnerabillities and GDPR compliance issues
  • Penetration Test Scan – Advanced Scanning with safe exploit plugins enabled.
  • Crypto-Mining Scan – Detects JavaScript Crypto Mining Malware
  • Blackhat & Defcon Scan – Scans for new exploits presented at Blackhat & Defcon Conferences
  • Card Skimmer Detection Scan – Detects JavaScript Card Skimming
  • SQL Injection Scan – thorough SQL injection scan that can detect SQL injection attacks
  • Subdomain Takeover Audit Scan – Audit applications for first and third party domain takeovers
  • CVE Scanning – Custom scans for newly released CVE’s
  • Custom Scanning – Custom Profiles can created for web apps.

    Book your free demo here