Checking for vulnerabilities is vital to ensure malicious attack attempts don’t exploit poor configuration from date patching, cross-site scripting or injection vulnerabilities of your website or web application. It is easy to set up Vulnerability Scans in your RapidSpike account, they can be one off or scheduled on a daily, weekly or monthly basis.
If you haven’t already you will need to set up at least one website and/or server monitor, If you are unsure how to do this we recommend reading our articles on “Adding Your First Website Into RapidSpike” and “Adding Your First Server Into RapidSpike”.
To set up a vulnerability scan, select the website you want to create your first scan on.
Select ‘Security Scans’ on the left sidebar which will bring you to your scan dashboard. If you have no scans running this will be empty.
To create the scan click ‘Create’ on the top navigation bar and select ‘Scan’ at the bottom of the list.
In this section you can add Network Scans, Webapp Scans and Client-side Security Scans into your account. Press the ‘Add Scan’ button on the top right corner of the dashboard.
Firstly fill out the ‘Scan Label’ which will be the title of your scan and a description if you want to add details for identification.
Next you will want to choose the ‘Scan Type’, Select either Network, Website/Webapp Scan, or Client-side Security Scan.
If you select ‘Network Scan’ a list of your servers will be displayed for you to choose, If you picked either of the other scans you will be prompted to select the website you want to scan.
Next choose the interval/frequency you would like the scan to run, either weekly, monthly, quarterly or annually.
At the bottom of the form is a ‘Security Scanning Terms of Service’, Read through the terms and tick the box if you agree to the terms.
Your credits required, cost, and available credits are displayed below the agreement. Finally press ‘Create Scan’ which will add this to your dashboard.
Please note: Scans take one working day to set up, please be mindful otherwise they may not be configured properly prior to their scheduled run time.