Vulnerability Scanning

We offer website and system vulnerability scanning
We scan devices and system host websites in the enterprise network environment to test for vulnerabilities and provide improvement solutions through professional analysis to reduce information security risks

As network activities have become increasingly complex, enterprise systems and host website environments are often subject to unauthorized access or other information security risks due to improper management and settings. Hacker exploitation of known vulnerabilities has become a hidden crisis for enterprises.

Our “Vulnerability Scanning and Assessment Service” uses a vulnerability scanning tool together with other commonly used tools and commands to help customers scan various network devices and system hosts in the network environment to quickly identify and fix vulnerabilities, including software vulnerabilities, missing patches, malware, and misconfigurations. Through professional results analysis, we provide customers with effective and feasible improvement solutions. By scanning for vulnerabilities, we identify security vulnerabilities in system maintenance early and fix them in a timely manner to avoid intrusion attacks through the vulnerabilities, achieving the goal of reducing information security risks.

Simulate the Hacker Mindset with Rich Experience in Attack and Defense Exercises to Discover Unknown Vulnerabilities Early

ISSDU's Service Advantages and Benefits


Testing by Expert Team

All members of our professional testing team have extensive experience in security testing and have obtained international information security certifications to provide professional test plans and services to our customers

Professional Website/System Vulnerability Analysis Reports

Scan result reports in Chinese contain the number and percentage of risk vulnerabilities, statistical charts of the total number of vulnerabilities by types, a list of vulnerabilities found in each host, and complete patching advice

Improved Network Environment Security

This service helps enterprises understand the vulnerabilities in network devices, systems and hosts in their existing environments and obtain effective improvement solutions through vulnerability scan results and analysis reports

Customized Test Planning

We tailor a suitable scan policy that fits customer needs related to different systems, devices, network segments, categories or priorities and our staff performs scanning on site

Professional Test Reports and Consulting Services

We provide professional test reports and patching advice based on test results and offer professional consulting services to help corporate customers reduce information security risks

Vulnerability Scanning Service

01 Customized and suitable scan policies

02 Comprehensive vulnerability analysis reports

03 Vulnerability patching advice and effectiveness consultation

06 Re-scanning


Professional Vulnerability Scanning Service to Prevent System Attacks

  • Security scanning and assessment for routers, firewalls, Microsoft Windows servers, UNIX system servers, and network devices
  • Scanning and testing for network services, backdoors, accounts and passwords, and DoS vulnerabilities
  • Multiple built-in scan policy settings to allow for different levels of scanning for Microsoft Windows servers, Microsoft web servers, Unix, Unix web servers, routers/switches, etc.
  • CVSS (Common Vulnerability Scoring System)
  • Tenable's Vulnerability Priority Rating (VPR)


ISSDU's professional commercial vulnerability scanning software used for website vulnerability scanning features an excellent website vulnerability detection function and provides quick, in-depth, and intensive scanning. The functions and advantages of this software tool are as follows:

  • Supports multiple test items:SQL Injection、XSS、XXE、SSRF、Host Header
  • Compliant with multiple standards:OWASP Top 10, PCI DSS, HIPAA, etc. 

Vulnerability Scanning Service Flow

01

Project Initiation

The customer provides the corresponding network IP range and operating system to confirm the project's targets and scope. The scope of a project usually covers servers that open important network services, and the personal computers of administrators.

02

Scanning Execution

Our staff conducts intranet scanning on site, performs tests as needed, adjusts tool policies during the scanning if needed, tests the information provided in the scanning, checks the scan results, and tunes false positives.

03

Test Reports and Consulting Services

We provide final test reports based on test results, as well as advice on fixing vulnerabilities, and assist customers in fixing the vulnerabilities by themselves or by the website developer/maintenance vendor.

弱點掃描常見問題

可協助於上班時間進行設備設置,於客戶指定時間進行掃描,完成後再於上班日至貴單位將設備及結果取回。

已知弱點涵蓋範圍包括 OWASP Top 10、CVE ( 應用程式弱點 ) 等。

會根據需求及站台規格去調整測試的掃描參數,此部分可於行前會議討論。

如何確認掃描結果的弱點是否為誤判?

專業檢測人員將依據掃描結果進行弱點及修繕建議之判讀,並提供客戶檢測報告書。

ISSDU Provides You with Services that Fit Your Industry and Needs

We offer customized information security testing services