
Custom Website and API Security Scanning
Our experienced security team scan your website or API for vulnerabilities - we custom configure enterprise grade scanning tools to your specific stack and environment. We monitor scan results and sense check output for quality assurance. Detailed reports provide solution recommendations to help you remediate findings before they can be exploited by hackers. Our scans are a great first step if you are considering a certified penetration test. Scans can be run ad-hoc and cost $199 per scan.
Why should I scan my site for vulnerabilities?
Websites and APIs are the front door to your organization. They are the first thing that hackers will target when trying to gain access to your systems. Scanning them for vulnerabilities and remediating findings in a timely manner is a key part of your security strategy.
Website security scanning helps you:
- Detect client-side vulnerabilities. Cross-site scripting (XSS) and other client-side vulnerabilities can be exploited by attackers to steal user data or take control of your site.
- Detect server-side vulnerabilities. SQL injection, remote code execution, and other server-side vulnerabilities can be exploited by attackers to gain access to your systems.
- Remediate findings. Suggested solutions are provided for identified issues, helping your technical team to remediate them quickly and efficiently.
- Demonstrate compliance. Website security scanning is a key part of many compliance standards. Dashi USM™ helps you to demonstrate that you are meeting these requirements.
- Prepare for a penetration test. Running a scan before engaging a professional penetration tester can help you to identify and remediate more easily identifiable issues. No pen tester wants to give you a completely clean bill of health on the first pass, so they'll have to try harder if they want to find anything!




Why use Dashi USM™ for website and API scanning?
Three good reasons!
- It's easy. Dashi USM™ doesn't require any special software, and you can get started in minutes.
- It's cost-effective. Compared to purchasing software and training staff, Dashi is a very cost-effective solution.
- It integrates into a broader security framework. Once your results are in you can add comments, tag risks, log corrective actions and more. Dashi USM™ is a complete security management solution.
Website security scanning as a stand-alone activity doesn't give you the full picture. Understanding the risks that identified issues present in the context of your organization is key to managing them effectively.
Behind the scenes
Here's what happens after you place your order:
- Assessment. Our team will assess your order and confirm that we have all the information we need to proceed. If we need more information, we'll get in touch with you.
- Testing. We will configure the scanning tool, kick off the scan, and monitor progress to make sure everything is running smoothly.
- Results. Once the scan is complete (which can take anywhere from a few hours to a few days for more complex sites), we will review the results. If something doesn't look right, we might need to adjust the scan configuration and re-run the scan. If everything looks good, we send the report to your Dashi USM™ account and you receive a scan complete notification.
- Follow-up. If action is required, log a Change or a Corrective Action in Dashi USM™ to track the resolution of the issue. If you have any questions about the results, you can contact our support team for assistance.
Adding structure
Using Dashi USM™ to run your scans enables you to feed in the report data into your information security management system, turning raw data into actionable intelligence.
- Tag risks. When a scan report is arrives into Dashi USM™, an Event is generated and flagged up for review. Tagging relevant risks from your Risks register is quick and easy, and helps you track and prioritize risk treatment for high impact risks.
- Assess impact. Because your Endpoint is already linked to the information assets it stores and processes, Dashi USM™ can help you assess the impact of a vulnerability on your organization, not just your website.
- Assign impact scores. Dashi USM™ will guide you through the process of assigning impact scores for Confidentiality, Integrity and Availability (the CIA triad) for the scan, giving you a more accurate view of the risk to your organization.
- Follow-up. If action is required, log a Change or a Corrective Action in Dashi USM™ to track the resolution of the issue.