Security SCANNER and MONITOR by H-X Technologies are professional automated SERVICES designed for legitimate security assessment of WEBSITES (target objects).
SECURITY SCANNER (Vulnerability Scanner) is a free-of-charge online service, which provides one-time automatic analysis of a website using multiple vulnerability scanning engines. The SCANNER has quick and normal modes. Each user can run 3 free-of-charge normal scans, and then is invited to subscribe for the security monitoring.
SECURITY SCANNING MONITOR (Vulnerability Monitor) is an online subscription service, which uses the Security Scanner engines to perform daily scanning sessions, tracks the website vulnerabilities over time, and notifies the user when the vulnerabilities are increased, decreased or changed. Standard subscription price is 54 USD for security monitoring of one website during 31 days. We have seasonal, personal and other discounts. The Visa/Mastercard payments of the USERS are processed directly by AssetPayments, a processing center, which is compliant with the PCI DSS and uses state-of-the-art cyber security techniques.
The USER of the SERVICES must be either the owner of the website or must be authorized by the owner to scan the website for technical vulnerabilities. Before activating the scanning or monitoring, the USER should notify their web hosting provider about the vulnerability scanning.
In many jurisdictions, unauthorized vulnerability scanning is considered an offense. In H-X, we do our best to comply with relevant laws and regulations, and to reduce risks of third parties (email and USER authorization, verbose logging, etc.), but the SERVICE USER is the only responsible person for the vulnerability scanning, monitoring and any legal consequences.
H-X SERVICES are solely an interface to the acknowledged vulnerability scanning tools. H-X does not take any responsibility for any legal consequences of the vulnerability scanning nor monitoring.
The SERVICES provide only automated quick superficial security analysis. False positives are normal behavior of any vulnerability scanner. Information from the scanning reports should be verified manually. The automated SERVICES do not include manual verification, nor penetration tests, which can be ordered separately.
MONITORING scan sessions are designed to run daily (each 24 hours), but sometimes can delay, depending on the server load. The average duration of the scan session is about 3 hours.
Usually, SECURITY SCANNER or MONITOR do not impact availability or functionality of the target objects, but before using the SERVICES, the USER should take precautions and take business continuity and disaster recovery steps: make proper backups, define and test response procedures, etc. Such measures are recommended to prevent cyber security incidents and to protect from any real emergencies, attacks or threats, which can come from hackers, malware and other sources in the Internet. Anyway, the risk of using the professional controlled scanning services is much lower than the risk of ignoring or underestimating of real uncontrolled attacks.
Report retention periods. SCANNER reports are stored for 14 days and the MONITOR reports are stored for 45 days.