[m0nastic]

Just out of curiosity, how will you verify that your clients actually own the site they want scanned?

And what sort of contract will you have in place for outages caused by the scanning, liability limitations, etc?

I absolutely think you could flourish with a service like this, but there are some kinks you'll have to work out.

[aquark]

A simple validation of ownership would be something like google uses for the google apps for domains: generate a unique id and ask them to create a file of that name on the domain. As a secondary check ask for something to be created in the dns records for the domain.

[bandhunt]

That's the plan. Thanks!