Vulnerability Scan Service

Vulnerability Scan Service (VSS) is a security diagnosis service that use weakness detection and intelligent correlation analysis technologies to help you discover security risks in your websites or servers.

  • Web content moderation is a newly launched feature. VSS can now identify inappropriate and illicit content, including terrorism-related or politically sensitive information.
Product Advantages
  • Full Scan Capabilities

    Scans for website, host, and middleware vulnerabilities, as well as weak passwords.

  • Automatic Monitoring

    Monitors the latest network vulnerabilities in real time, updates detection rules immediately, and detects asset risks promptly.

  • Intelligent Scanning

    Harmless scan dynamically adjusts scanning frequency and analyzes how detection results are correlated.

  • Compliance Checks

    In compliance with Huawei and Center for Internet Security (CIS) benchmarks, checks for configuration weaknesses to expose vulnerabilities.

Application Scenarios
  • Website Vulnerability Scan

  • Host Vulnerability Scan

  • Weak Password Scan

  • Middleware Scan

  • Content Moderation

Website Vulnerability Scan

Website Vulnerability Scan

Website vulnerabilities can lead to crippling impact on business and cause financial loss if not found and addressed at the earliest possible time.

Advantages

Scanning for Common Vulnerabilities

Incorporates a vulnerability rule library for scanning all types of websites and produces comprehensive scan reports.

Scanning for the Latest Critical Vulnerabilities

Security experts analyze the latest critical vulnerabilities and update rules to provide the fastest and most complete CVE vulnerability scan.

Related Services

waf

dbss

ses

Host Vulnerability Scan

Host Vulnerability Scan

Hosts bearing critical services may be exposed to vulnerabilities and non-compliant configurations.

Advantages

In-Depth Scanning

Performs multi-dimensional OS vulnerability detection and configuration checking.

Intranet Scanning

Enterprises can choose to enact an intranet scanning policy on servers.

Related Services

waf

hss

dbss

Weak Password Scan

Weak Password Scan

Passwords are usually used for remote login to assets such as hosts or middleware. Attackers often use scanning technologies to hack usernames and weak passwords.

Advantages

Multi-Scenario Applicability

Scans for standard web services, all OSs, and 90% of all middleware, including databases.

Built-in Weak Password Library

Simulates hacker detection of weak passwords. You can also use your own weak password library to detect passwords.

Related Services

dew

Middleware Scan

Middleware Scan

Middleware helps develop and integrate complex application software flexibly and efficiently. If a hacker discovers and exploits vulnerabilities in the middleware, the security of the upper layer and lower layer is compromised.

Advantages

Diverse Scenario Applicability

Supports vulnerability scanning of foreground development frameworks, and background microservices, as well as configuration compliance scanning.

Multiple Scan Methods

Chooses standard scan or custom scan to identify the middleware and its version in the server, and discover vulnerabilities and risks.

Related Services

waf

hss

dbss

Content Moderation

Content Moderation

Non-compliant content on your site can stain your brand image and lead to financial losses.

Advantages

Precise Identification

Synchronously updates sample data from hot topics in politics and public opinion, and accurately identifies inappropriate and illicit content, including violence-related, terrorism-related, and politically sensitive information.

Intelligent Analysis

Performs semantic analysis on texts and images to identify complex texts.

Related Services

waf

ses

hss

Functions

  • Vulnerability Scan

    Enables specialized vulnerability scanning of assets, including web applications, hosts, middleware, and weak passwords.

  • Smart Monitoring

    Monitors the latest network vulnerabilities 24x7, updates scan rules at the earliest possible time, and rapidly detects vulnerabilities in your assets.

Vulnerability Scan

  • Weak passwords

    SSH, RDP, SMB, MySQL, Microsoft SQL Server, MongoDB, Redis, Oracle, DB2, GaussDB, Postgres, and Telnet

  • Front-end vulnerabilities

    SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and URL redirection
  • Information leakage

    Port exposure, directory traversal, backup files, insecure files, insecure HTTP methods, and insecure ports

  • Web injections

    Command injection, code injection, XPath injection, Server-Side Request Forgery (SSRF), and deserialization
  • File inclusion

    Reading, inclusion, and upload of any file, and XML External Entity attack (XXE attack)

Smart Monitoring

  • Critical vulnerability detection

    Monitors the latest high-risk vulnerabilities and your important assets, locates the affected servers or websites once a high-risk vulnerability is discovered, and provides detailed recommendations for resolving potential security issues.

  • Intelligent scan speed control

    The scan engine adjusts the scan speed based on site load, ensuring service continuity. Harmless scanning prevents dirty data from being written into your databases.

  • Web Content Moderation

    Identifies inappropriate and illicit content to protect your brand image.

  • Baseline Compliance Check

    In compliance with Huawei and CIS benchmarks, checks for weaknesses in security configurations to expose vulnerabilities.

Web Content Moderation

  • Accurate detection

    Quickly and accurately detects non-compliant content using deep learning technologies and a large set of sample libraries.

  • Stability and reliability

    Stays up to date on any breaking news and quickly updates the detection library. VSS has been tested and used over the years across a variety of complex scenarios.

Baseline Compliance Check

  • Multiple baselines

    OS baseline, Nginx, Apache, Tomcat, Docker, and more

  • Account security check

    Checks whether the password complexity and password policy of server accounts meet profile requirements.

  • Check for compliance with benchmarks

    Checks whether baselines comply with Huawei and CIS benchmarks.

  • Database risk detection

    Checks high-risk configurations of databases such as MySQL and MongoDB.

  • Comprehensive Report

    Generates a comprehensive scan report with detected vulnerabilities classified and provides the recommended actions to improve site defenses.

  • Scan Customization

    Customizes scan parameters based on your needs.

Comprehensive Report

  • Professional scan reports

    Provides detailed information, including URLs, vulnerability names, and descriptions, that can be downloaded to a local PC. 

  • Vulnerability classification

    Classifies vulnerabilities by severity and provides recommendations on how to fix each type. 

Scan Customization

  • Customization of login methods

    Chooses the method best suited for you to log in, such as using the account and password or cookies.

  • Custom scan plugins

    Selects specific plugins so you can scan specific types of vulnerabilities and quickly identify risks.


  • Crawler setting

    Sets the crawler user agent (UA) and excludes links from being crawled, enhancing scan security.

  • Scheduled scans

    Customizes the start time of a scan, helping you avoid performance bottlenecks during peak service hours; creates periodic scan jobs based on your needs.

Quick Configuration

Add Asset

Step

Add information about the website or host to be scanned.

Note

Website assets: Enter the domain name or IP address to add a website. All websites on the Internet can be scanned. Host assets: ECSs on HUAWEI CLOUD can be added in one-click. For a non-huawei cloud host, enter the IP address of the host.

Authenticate Asset

Step

Authenticate asset ownership.

Note

You must authenticate ownership before scanning. Select the most appropriate authentication method to simplify your operations.

Scan Asset

Step

Scan websites and hosts from multiple dimensions to discover vulnerabilities. Consider how an attacker would try to hack your assets and perform complete scans, leaving no risk addressed.

Note

Scan with one click using default settings or configure more settings to perform a more detailed scan. You can start a scan job immediately or set a periodic scan job.

View Result

Step

View the scan results and download the scan report.

Note

You can view the scan progress in real time. As soon as the scan is complete, you will be notified by SMS or email. Then, you can download the scan report with the recommended mitigations provided.

Usage Guides

Create an Account and Experience HUAWEI CLOUD for Free

Register Now