Configuration

What IP addresses are used for the HostedScan vulnerability scanners?

We provide two methods for identifying the IP addresses for HostedScan's scanners

What is Quality of Detection (QoD) in OpenVAS scans?

I'm not seeing expected open ports and vulnerabilities?

Exclude subdomains and customize the OWASP ZAP crawler

Scanning your Open API and Swagger endpoints

You can use the OWASP ZAP scanner to scan your application's API endpoints.

Can HostedScan integrate with my ticketing system?

How do I white label the HostedScan report?

HostedScan's branded report can be white labelled if you are an MSP plan customer.

What CVSS Version Does HostedScan Use?

Customize Request Headers or Cookies (OWASP Zap)

You can set Authorization, Bearer Token, API Key Headers and more for the OWASP Zap scanner, or set custom cookies to get past banners and authentication

How can I fix an unreachable target?

Learn how to resolve connection issues between HostedScan and your target

Long running scans (are normal)

Different scanners may encounter conditions that cause the scanner to take hours to complete a scan

MSP Workspaces Explained

What are HostedScan Workspaces, and how do I get them?

How do I add anti-csrf tokens to the ZAP web application scanner?

Configure custom anti-csrf tokens used by your application.

Why did a scan return a cached result?

Explanation of cached scan results on free trial accounts