CheckScan+ is fully supported throughout the scanning engagement, from scoping and configuring your scans, to helping you understand and analyse your results. The service gives you access to technical support that is provided by our security consultants. We are available to explain the results in greater depth, remove false positives and provide remediation advice once initial testing is complete.
Basic Support included with all licenses
Through the Vulnerability Scanning platform we offer unlimited access to industry leading scanning technology. The SaaS portal allows you to configure and manage your own scans on a frequency that suits your business need.
Supported Feature Highlights included:
- Full access to unlimited Scans
- Administrative Support access via our helpdesk for basic queries such as FAQ’s
- Access to FAQ’s support page
- Notification of new updates/vulnerability discovery
Full managed testing service
The CommSec managed Scanning Service combines industry leading application / infrastructure scanning technology and security expertise from our team of consultants. The hybrid service is designed for those who seek the assurance that consultant guided testing can provide.
The CommSec Managed service is fully supported throughout the scanning engagement, from scoping and configuring your scans, removal of false positive results and post scan support to help you understand and analyse your results.
Managed Service Feature Highlights
- CommSec’s complete management of the scanning process from Schedule, Configure and Manage.
- Receive sanitised reports that are free of false positives with each vulnerability verified through safe exploitation.
- 8/5 Technical Support, Remediation Advice provided via Security Consultants
- All Managed Service Scanning customers have full access to the SaaS tool outside the managed service. Provision your own scans on an unlimited frequency within your licence band in addition to your consultant guided scans.
Support Option Matrix
|Feature||Basic Support||Full Managed Testing Service|
|Unlimited frequency of scans within your licence band|
|5/8 Administrative Helpdesk Support on basic FAQ’s|
|5/8 Technical Telephone support via Team of Security consultants|
|Post Test remediation advice|
|Assistance with remediation and removal of vulnerabilities|
|CommSec’s complete management of the scanning process from Schedule, Configuration and Manage|
Our ProcessOur security consultants examine your web application identify the technology behind it. From information gathering we can determine the optimal scanning profile that will benefit your web app. After the scan process has finished our security consultants review and validate the scan results. This eliminates false positives that may have been found in the scan results. From the confirmed vulnerabilities a report is generated with remediation techniques and advice.
DashboardsA login portal is available to check the progress of your vulnerabilities, assets, and scans. This dashboard can be customized with different views including vulnerability tracker, OWASP Top 10 vulnerabilities, most vulnerable hosts and recently discovered vulnerabilities.
1.1.1 Dashboard – Overview
Dashboard – Confirmed Vulnerabilities
Dashboard – Assets & Scope
Scan ProfilesCheckscan+ provides numerous types of scan profiles that are used to identify vulnerabilities on your applications and infrastructure. Scans profiles include GDPR, Penetration Testing, Crypto Mining Malware Scans, SQL Injection and Card Skimming profiles.
- Standard Scan – Scan Profile for most cases includes form scanning
- Standard Scan (No Forms) – Scan Profile avoid scanning forms
- GDPR Deep-Scan – Scan Profile finds high impact vulnerabillities and GDPR compliance issues
- Penetration Test Scan – Advanced Scanning with safe exploit plugins enabled.
- Blackhat & Defcon Scan – Scans for new exploits presented at Blackhat & Defcon Conferences
- SQL Injection Scan – thorough SQL injection scan that can detect SQL injection attacks
- Subdomain Takeover Audit Scan – Audit applications for first and third party domain takeovers
- CVE Scanning – Custom scans for newly released CVE’s
- Custom Scanning – Custom Profiles can created for web apps.
B109, The Linc,Blanchardstown Institute of Technology, Dublin
+353 1 536 7320