Just wondering; how does this differ from products like StopTheHacker and SiteLock (amongst others)? I mean, the idea is a solid one, but there's a few players in this arena already.
Sites like those generally in the business of seal-selling or doing very light security checks.
Many of them will only report out of date vulnerabilities (quick & easy to check) or very simple issues limited issues. Still a legit business obviously. Though the benefits are limited. Best way to check this, get a scan request and watch your logs. Most of them won't even do a POST request. How can you really check for vulnerabilities unless you test all the functionality in a web application?
I guess we should explain this in our website to distinguish ourselves from that pack.
Many of them will only report out of date vulnerabilities (quick & easy to check) or very simple issues limited issues. Still a legit business obviously. Though the benefits are limited. Best way to check this, get a scan request and watch your logs. Most of them won't even do a POST request. How can you really check for vulnerabilities unless you test all the functionality in a web application?
I guess we should explain this in our website to distinguish ourselves from that pack.