Protect your website from cyberattacks before it's too late. Act now to secure your digital presence.
Weak encryption, expired certificates, open ports leave your organization exposed. Hackers exploit these gaps.
The consequences for your business: data breaches, financial losses, downtime – not to mention the fines from the regulators.
A vulnerability scan can uncover these threats and show where your defenses fail. All you have to do is provide us with your company URL and an email where we can send your Vulnerability Scan Report.
The Process
The external scan will assess your external environment by scanning URLs or IPs to see if there are any major security gaps.
Tests included in the external scan:
Certificate and encryption
- SSL certificate status: Identifying whether SSL certificates are revoked or not.
- SSL certificate status for customer domain: Detecting whether SSL certificates are expired or valid.
- SSL cipher detected: Identifying SSL cipher grade encryption from weak to strong.
- SSLv2 protocol status: Detecting whether SSLv2 protocol is enabled or disabled.
- TLS protocols: Detecting whether best practice TLS protocols like TLSv1.2 and TLSv1.3 are implemented.
- TLS protocol support: Identifying whether best practice TLS versions on a customer’s website are supported or not.
Domain and website security measures
- WHOIS information status: Checking for unavailable or up-to-date WHOIS information related to domain expiration or warnings of impending expiration.
- Phishing blacklist status: Identifying the presence or absence of customer domain/URLs in phishing blacklists.
- DNS security measures: Evaluating DNS security by checking DNSSEC and SPF/DMARC records in DNS.
Port and network security
- Port risk assessment: Identifying the presence of risky / medium-risk / high-risk or open and accessible ports within the your network.
- HTTP to HTTPS redirect status: Detecting the enabled or disabled status of HTTP to HTTPS redirection.
- Web Application Firewall (WAF) presence: Identifying the existence or absence of a WAF within the network.
SSL/TLS implementation
- SSL/TLS implementation status: Checking the presence or absence of SSL/TLS implementation.
The Report
After executing the external scan, iShift will provide you a report that includes:
- A summary of the findings and the risk severity for each finding (Critical, High, Medium, Low and Informational).
- The number of risk findings you should address.
- The findings by security domain (Domain and DNS, Email and Messages, Website and Web Application).
Companies that trust iShift
Join iShift
Become a part of a great company that gets the Big Picture!
We are technology experts who are passionate about helping our clients reach their business objectives through creativity and innovation. Our strong growth and great company culture has us looking for more amazing talent. If that’s your MO too, we’d love to hear from you!