Alibaba Cloud Vulnerability Discovery Service (AVDS) is a SaaS-based network vulnerability scanning service. It can adaptively discover your network asset fingerprints, such as domains, subdomains, IPs, ports, protocol service, and web components. On this basis, it also deeply assesses the weaknesses of these assets in a continuous way, to help better mitigate relevant risks

{"moduleinfo":{"benefits":"Benefits","outputBuyBtn4Partner":true,"os_count":[{"count_phone":0,"count":0}],"products_count":[{"count_phone":0,"count":0}],"benefits_count":[{"count_phone":4,"count":4}],"news_count":[{"count_phone":0,"count":0}],"floor":"floor1","outputNews4Partner":"false","regions_count":[{"count_phone":0,"count":0}]},"regions":[],"os":[],"products":[],"benefits":[{"icon":"https://img.alicdn.com/tfs/TB1Vyita1SSBuNjy0FlXXbBpVXa-90-90.png","title":"High Accuracy With Multi-layer Verification Rules","content":"Based on Alibaba’s in-house experience with advanced threat defense, AVDS provides multiple-layer verification rules to reduce false positives and deliver highly accurate scanning reports."},{"icon":"https://img.alicdn.com/tfs/TB18k9AaWmWBuNjy1XaXXXCbXXa-90-90.png","title":"Intelligence-based IT assets discovery","content":"Start from one domain, it  discovers its relevant IPs, subdomains, ports, protocol services and web components. It gives you a bird-view of all your assets and helps to uncover the attack surface."},{"icon":"https://img.alicdn.com/tfs/TB1q4Gma3mTBuNjy1XbXXaMrVXa-90-90.png","title":"Fast scanning with a scalable architecture","content":"With a flexible and scalable architecture built on Alibaba Cloud, AVDS supports up to thousands of scanning engines to work simultaneously and ensure rapid fast scanning."},{"icon":"https://img.alicdn.com/tfs/TB1WTqza1uSBuNjy1XcXXcYjFXa-90-90.png","title":"No Agent and Deployment Required","content":"Log on to the AVDS console to execute scanning at any time and eliminate the need to deploy and maintain any agent or boxes on-premises."}],"news":[],"countinfo":{"benefits":{"length_pc":0,"length":0},"news":{},"regions":{},"os":{},"products":{}},"$tmsId":"tce/1358457"}

Benefits

: High Accuracy With Multi-layer Verification Rules
Based on Alibaba’s in-house experience with advanced threat defense, AVDS provides multiple-layer verification rules to reduce false positives and deliver highly accurate scanning reports.

: Intelligence-based IT assets discovery
Start from one domain, it discovers its relevant IPs, subdomains, ports, protocol services and web components. It gives you a bird-view of all your assets and helps to uncover the attack surface.

: Fast scanning with a scalable architecture
With a flexible and scalable architecture built on Alibaba Cloud, AVDS supports up to thousands of scanning engines to work simultaneously and ensure rapid fast scanning.

: No Agent and Deployment Required
Log on to the AVDS console to execute scanning at any time and eliminate the need to deploy and maintain any agent or boxes on-premises.

{"moduleinfo":{"title":"Features","li_count":[{"count_phone":4,"count":4}]},"li":[{"spm":"a","img":"https://img.alicdn.com/tfs/TB1XrXSSXXXXXc6aXXXXXXXXXXX-90-90.png","more":[{"p":"Protects against FTP, SSH, RDP, SMB, SMTP, POP3, IMAP, MYSQL, MSSQL, MongoDB, MemCache, Redis, Oracle, Subversion, LDAP, PPTP, VPN, HTTP basis login, WebFrom login form, and other threats","tce_rule_count":"1","title":"Weak password"},{"p":"Safeguards your online infrastructure from SQL injection, command execution, code injection, SSRF injection, expression injection, JAVA expression injection command execution, deserialization, XPATH injection, and other injection vulnerabilities","tce_rule_count":"1","title":"Web injection"},{"p":"Manages local/remote file inclusion (LFI/RFI), arbitrary file read, arbitrary file upload, XXE, arbitrary file deletion, and more","tce_rule_count":"1","title":"File inclusion"},{"p":"Protects against JSON data hijacking, identity authentication security, verification code limitation bypass, business consistency security, business data tamper, authentication permission recall logic, business authorization (horizontal/vertical arrogation) security, business procedure derangement, and business interface calling security","tce_rule_count":"1","title":"Logic vulnerability"},{"p":"Ensures protection against cross-site (XSS) Request Forgery (CSRF), ClickJacking, Jsonp hijacking, HTTP head injection CRLF, and URL redirection","tce_rule_count":"1","title":"Front-end vulnerability"},{"p":"Manage and mitigate WebServer misconfiguration, middleware misconfiguration, and container misconfiguration","tce_rule_count":"1","title":"Misconfiguration"},{"p":"Manage and control configuration file, test file, directory traversal attack, back-up file, SVN, GIT, compression package, temporary file, interface exposure, Heartbleed bug, and more","tce_rule_count":"1","title":"Information leakage"}],"h1":"Continuous Website/Network/Host Vulnerability Assessment","imgAction":"https://img.alicdn.com/tfs/TB16S1iSXXXXXXjXFXXXXXXXXXX-90-90.png"},{"spm":"a","img":"https://img.alicdn.com/tfs/TB1fXXZRpXXXXX5XpXXXXXXXXXX-90-90.png","more":[],"h1":"Discovery of Unknown Assets","imgAction":"https://img.alicdn.com/tfs/TB1d_pRRpXXXXXGXFXXXXXXXXXX-90-90.png"},{"spm":"a","img":"https://img.alicdn.com/tfs/TB1awdURpXXXXcgXpXXXXXXXXXX-90-90.png","more":[],"h1":"Professional Reports and Remediation Suggestions","imgAction":"https://img.alicdn.com/tfs/TB137pLRpXXXXctXFXXXXXXXXXX-90-90.png"},{"spm":"a","img":"https://img.alicdn.com/tfs/TB1ZFVTRpXXXXceXpXXXXXXXXXX-90-90.png","more":[],"h1":"Vulnerability Consultation Services","imgAction":"https://img.alicdn.com/tfs/TB1zLVhRpXXXXbYapXXXXXXXXXX-90-90.png"}],"countinfo":{"li":{"length_pc":0,"length":0}},"$tmsId":"tce/1358458"}

Features

Continuous Website/Network/Host Vulnerability Assessment

Weak password
Protects against FTP, SSH, RDP, SMB, SMTP, POP3, IMAP, MYSQL, MSSQL, MongoDB, MemCache, Redis, Oracle, Subversion, LDAP, PPTP, VPN, HTTP basis login, WebFrom login form, and other threats

Web injection
Safeguards your online infrastructure from SQL injection, command execution, code injection, SSRF injection, expression injection, JAVA expression injection command execution, deserialization, XPATH injection, and other injection vulnerabilities

File inclusion
Manages local/remote file inclusion (LFI/RFI), arbitrary file read, arbitrary file upload, XXE, arbitrary file deletion, and more

Logic vulnerability
Protects against JSON data hijacking, identity authentication security, verification code limitation bypass, business consistency security, business data tamper, authentication permission recall logic, business authorization (horizontal/vertical arrogation) security, business procedure derangement, and business interface calling security

Front-end vulnerability
Ensures protection against cross-site (XSS) Request Forgery (CSRF), ClickJacking, Jsonp hijacking, HTTP head injection CRLF, and URL redirection

Misconfiguration
Manage and mitigate WebServer misconfiguration, middleware misconfiguration, and container misconfiguration

Information leakage
Manage and control configuration file, test file, directory traversal attack, back-up file, SVN, GIT, compression package, temporary file, interface exposure, Heartbleed bug, and more
Discovery of Unknown Assets
Professional Reports and Remediation Suggestions
Vulnerability Consultation Services