True Trust Value True Trust Value | True Trust Standard True Trust Standard | ||||
---|---|---|---|---|---|
General Features | |||||
General Features | |||||
OWASP Top 10 Vulnerability Scanning | |||||
Scan type | |||||
Scanner typeFull scan requires domain verification via validation file (HTTPS) |
Quick scan | Full Scan | |||
OWASP Top 10 Vulnerability ScanningScans for the OWASP Top 10 vulnerabilities. A complete list of our scanners in the "Features" tab. |
|
||||
Automated Domain Verification | |||||
Automated Domain VerificationVerify scan targets for invasive scanning through placing a file on your system or a specific API-response for a GET-statement. |
|
||||
Speed up Scanning | |||||
Speed up ScanningEnables adjusting the scan requests per second. |
|
||||
Access to security wiki | |||||
Access to security wikiIncludes general descriptions, code snippets for fixing, and videos. |
|
|
|||
Regular Updates | |||||
Regular UpdatesWe provide regular updates and new features to our scanners and the user interface. |
|
|
|||
Scan Targets | |||||
Scan Targets | |||||
Multi Page Web Applications | |||||
Multi Page Web ApplicationsAn application, which consists of multiple individual pages. This is typically the case, if you have a HTML, JSP, etc. per page displayed in your browser. |
|
|
|||
Deep Scan – Automated JavaScript Scanning | |||||
Deep Scan – Automated JavaScript ScanningAn application, which is based on JavaScript. This is typically the case, if the application is based on or uses frameworks like Angular, React, Vue, jQuery or similar. |
|
||||
REST API Scanning | |||||
REST API ScanningAn application programming interface (API), which is documented in a Swagger / OpenAPI version 2 file. Usually the documentation is stored in a swagger.json file, which can be imported by the scanner. |
|
||||
Authentication | |||||
Authentication | |||||
Application Login with Credentials | |||||
Application Login with CredentialsLog in to your application via BasicAuth or with user credentials (user/password). |
|
||||
Advanced Application Login | |||||
Advanced Application LoginLog in to your application by defining keys and values for Cookies, HTTP Headers, or GET parameters. |
|
||||
Scheduling / Automation | |||||
Scheduling / Automation | |||||
Detailed PDF Reporting | |||||
Detailed PDF ReportingGet our detailed pdf reporting with a high-level scan summary, detailed scan findings, general and specific descriptions of the found attack vectors, and remediation support. |
|
|
|||
Scheduled Scanning | |||||
Scheduled ScanningCreate a scan schedule for your project to start scans on a daily or weekly basis. |
|
||||
Machine-readable reports | |||||
Machine-readable reportsGet our machine-readable reports in CSV, JSON, or XML format. |
|
||||
Scanning vulnerabilities and security issues | |||||
Scanning vulnerabilities and security issues | |||||
Server Version Fingerprinting | |||||
Server Version Fingerprinting |
|
|
|||
Web Application Version Fingerprinting | |||||
Web Application Version Fingerprinting |
|
|
|||
CVE Comparison | |||||
CVE Comparison |
|
|
|||
Heartbleed | |||||
Heartbleed |
|
|
|||
ROBOT, BREACH, BEAST | |||||
ROBOT, BREACH, BEAST |
|
|
|||
Old SSL/TLS Version | |||||
Old SSL/TLS Version |
|
|
|||
SSL/TLS Cipher Order | |||||
SSL/TLS Cipher Order |
|
|
|||
SSL/TLS Perfect Forward Secrecy | |||||
SSL/TLS Perfect Forward Secrecy |
|
|
|||
SSL/TLS Session Resumption | |||||
SSL/TLS Session Resumption |
|
|
|||
SSL/TLS secure algorithm | |||||
SSL/TLS secure algorithm |
|
|
|||
SSL/TLS key size | |||||
SSL/TLS key size |
|
|
|||
SSL/TLS trust chain | |||||
SSL/TLS trust chain |
|
|
|||
SSL/TLS expiration date | |||||
SSL/TLS expiration date |
|
|
|||
SSL/TLS revocation (CRL, OCSP) | |||||
SSL/TLS revocation (CRL, OCSP) |
|
|
|||
SSL/TLS OCSP stapling | |||||
SSL/TLS OCSP stapling |
|
|
|||
Security Headers | |||||
Security Headers |
|
|
|||
Content-Security-Policy headers | |||||
Content-Security-Policy headers |
|
|
|||
Portscan | |||||
Portscan |
|
|
|||
Boolean-based blind SQL Injection | |||||
Boolean-based blind SQL Injection |
|
||||
Time-based blind SQL Injection | |||||
Time-based blind SQL Injection |
|
||||
Error-based SQL Injection | |||||
Error-based SQL Injection |
|
||||
UNION query-based SQL Injection | |||||
UNION query-based SQL Injection |
|
||||
Stacked queries SQL Injection | |||||
Stacked queries SQL Injection |
|
||||
Out-of-band SQL Injection | |||||
Out-of-band SQL Injection |
|
||||
Reflected Cross-site scripting (XSS) | |||||
Reflected Cross-site scripting (XSS) |
|
||||
Stored Cross-site scripting (XSS) | |||||
Stored Cross-site scripting (XSS) |
|
||||
Cross-Site Request Forgery (CSRF) | |||||
Cross-Site Request Forgery (CSRF) |
|
||||
File Inclusion | |||||
File Inclusion |
|
||||
Directory Fuzzer | |||||
Directory Fuzzer |
|
||||
File Fuzzer | |||||
File Fuzzer |
|
||||
Command Injection | |||||
Command Injection |
|
||||
XML External Entity Processing (XXE) | |||||
XML External Entity Processing (XXE) |
|
||||
Billing Cycle | |||||
Billing Cycle | |||||
Payment type | |||||
Payment type | One-time | Yearly | One-time | Yearly | |
Number of scans annualy | |||||
Number of scans annualy | 1 | 12 | 1 | 12 | |
1 year | |||||
1 year | 2250.00 | 22500.00 | 7200.00 | 72000.00 | |
Order | Order | Order | Order |

Have questions about our Vulnerability Assessment?
We'd love to talk about how we can help you.