Website & server vulnerability scanning & updates

What is vulnerability scanning?

This service comprises regular scanning of your website & server, to ensure they are up to date and have no vulnerability. This will help you to avoid attacks and hacking attempts. 

After the scan is done, we work hand-in-hand with you webmaster and hosting provider to correct any detected error. 

This service is available as a yearly contract, broken down into monthly fees. A scan is done weekly and the follow-up with your webmaster & hosting provider as and when needed.  

Why would an SME need this service?

  • To make sure that the business is secure, and the sensitive data collected cannot be stolen by an attacker.
  • Because SMEs are hit more often than we think! While the big data breaches are more likely to make the news, the fact is small business are targeted far more often than large corporations, with harsher consequences. The cost of a breach combined with the reputation hit may be too much for an SME to handle and put it out of business.
  • Compliance. Very often, being a small company does not mean you are exempt from the compliance regulations that larger companies are required to meet.

Why choose goCloud for this service?

  • Impartiality: As an independent consultant, we reinforce your credibility and compliance with regulations.
  • Experience: Our director, Frédéric, was managing director of one of Mauritius’ leading web agencies in Mauritius for 14 years
  • Hands-on approach: In addition to the scanning and reporting, we work with your web service providers to ensure that the issues are fixed – no back and forths to be done on your part

Click to see the full list of items covered within this package: 

  • Fingerprint web server software
  • Analyze HTTP headers for security misconfiguration
  • Check the security of HTTP cookies
  • Check the SSL certificate of the server
  • Check if the server software is affected by known vulnerabilities
  • Analyze robots.txt for interesting URLs
  • Check whether a client access file exists, and if it contains a wildcard entry (clientaccesspolicy.xml, crossdomain.xml)
  • Discover server configuration problems such as Directory Listing
  • Check if HTTP TRACK/TRACE methods are enabled
  • Crawl website
  • Check for SQL Injection
  • Check for Cross-Site Scripting
  • Check for Local File Inclusion and Remote File Inclusion
  • Check for OS Command Injection
  • Check for ASP Cookieless Cross-Site Scripting
  • Check for Server Side Request Forgery
  • Check for Open Redirect
  • Check for outdated JavaScript libraries
  • Find administrative pages
  • Check for sensitive files (archives, backups, certificates, key stores) based on hostname and some common words
  • Attempt to find interesting files/functionality
  • Check for information disclosure issues
  • Weak Password Submission Method
  • Clear Text Submission of Credentials
  • Verify Domain Sources
  • Check for commented code/debug messages
  • Find Login Interfaces
  • Sensitive Data Crawl

Discover our other solutions

goCloud - Mauritius

IT Management

for SMEs

Firewalls

IT Security

Mail & Collaboration

M365

Hosting