Alibaba Cloud Vulnerability Discovery Service (AVDS) is a SaaS-based network vulnerability scanning service. It can adaptively discover your network asset fingerprints, such as domains, subdomains, IPs, ports, protocol service, and web components. On this basis, it also deeply assesses the weaknesses of these assets in a continuous way, to help better mitigate relevant risks
- High Accuracy With Multi-layer Verification Rules
Based on Alibaba’s in-house experience with advanced threat defense, AVDS provides multiple-layer verification rules to reduce false positives and deliver highly accurate scanning reports.
- Intelligence-based IT assets discovery
Start from one domain, it discovers its relevant IPs, subdomains, ports, protocol services and web components. It gives you a bird-view of all your assets and helps to uncover the attack surface.
- Fast scanning with a scalable architecture
With a flexible and scalable architecture built on Alibaba Cloud, AVDS supports up to thousands of scanning engines to work simultaneously and ensure rapid fast scanning.
- No Agent and Deployment Required
Log on to the AVDS console to execute scanning at any time and eliminate the need to deploy and maintain any agent or boxes on-premises.
Continuous Website/Network/Host Vulnerability Assessment
Protects against FTP, SSH, RDP, SMB, SMTP, POP3, IMAP, MYSQL, MSSQL, MongoDB, MemCache, Redis, Oracle, Subversion, LDAP, PPTP, VPN, HTTP basis login, WebFrom login form, and other threats
Safeguards your online infrastructure from SQL injection, command execution, code injection, SSRF injection, expression injection, JAVA expression injection command execution, deserialization, XPATH injection, and other injection vulnerabilities
Manages local/remote file inclusion (LFI/RFI), arbitrary file read, arbitrary file upload, XXE, arbitrary file deletion, and more
Protects against JSON data hijacking, identity authentication security, verification code limitation bypass, business consistency security, business data tamper, authentication permission recall logic, business authorization (horizontal/vertical arrogation) security, business procedure derangement, and business interface calling security
Ensures protection against cross-site (XSS) Request Forgery (CSRF), ClickJacking, Jsonp hijacking, HTTP head injection CRLF, and URL redirection
Manage and mitigate WebServer misconfiguration, middleware misconfiguration, and container misconfiguration
Manage and control configuration file, test file, directory traversal attack, back-up file, SVN, GIT, compression package, temporary file, interface exposure, Heartbleed bug, and more
Discovery of Unknown Assets
Professional Reports and Remediation Suggestions
Vulnerability Consultation Services