This topic describes the features of Cloud Security Scanner.

Discovers all associated assets

Cloud Security Scanner can discover all subdomains and Web server IP addresses that are associated with Cloud Security Scanner, and provides detailed asset fingerprints, such as the middleware, applications, operating systems, ports, services, geography, and Internet service providers (ISPs). This ensures maximum security and prevents springboard attacks.

Detects vulnerabilities thoroughly

Cloud Security Scanner can detect the following vulnerabilities:

Vulnerability type Vulnerability name
Weak passwords FTP, SSH, RDP, SMB, SMTP, POP3, IMAP, MySQL, MSSQL, MongoDB, phpMyAdmin, MemCache, Redis, Oracle, PostgreSQL, Subversion, LDAP, PPTP, VPN, HTTP basic authentication, and HTML forms, Tomcat Web console.
Web injection SQL injection, command injection, code injection, Server-Side Request Forgery (SSRF) Web injection, expression injection, Java Expression Language (EL) injection and command execution, deserialization, XML Path Language (XPath) injection, and other injection vulnerabilities.
File inclusion Local file inclusion (LFI), remote file inclusion (RFI), arbitrary file reading and uploading.
Front-end vulnerabilities Cross-site scripting (XSS), cross-site request forgery (CSRF), clickjacking, JSONP hijacking, carriage return (CR) and line feed (LF) injection to HTTP headers, and URL redirection.
Incorrect configurations Incorrect configurations of Web applications, middleware, and containers.
Sensitive information leakage Information leakage from configuration files, test files, backup files, SVN, Git, compressed packages, and temporary files. Directory traversal attacks, interface exposure, and the Heartbleed bug.

Sensitive and illicit content detection

Cloud Security Scanner intelligently detects illicit content, such as adult and terrorism content on your website. This prevents your brand image from being damaged. The accuracy of detecting images that contain adult content is higher than 90%. The plug-in model is highly flexible. You can adjust the model as needed. Cloud Security Scanner can detect text, images, and videos that contain weaponry, politically sensitive persons, violent scenes, specific clothing, special characters, and other terrorist content. The library is quickly updated according to news, events, and public opinions.

Drive-by download detection

Based on multiple model integration technologies, Cloud Security Scanner monitors your website from multiple dimensions. It quickly detects website defacement and drive-by downloads, and sends you alerts and notifications in real time.

Clear and direct scan reports

Cloud Security Scanner provides professional scan reports after scan tasks are completed. It classifies detected risks into different types and offers troubleshooting solutions.

Risk verification assistant and troubleshooting solutions

Cloud Security Scanner helps you verify and fix vulnerabilities with professional assistance.