search

6.3 Vulnerability Scan

๐Ÿ“– Overview

The Vulnerability Scan module provides real-time detection, classification, and visibility into the known and potential security weaknesses across your entire digital surface.

This system continuously analyzes exposed services, technologies, protocols, and configurations to identify vulnerabilities โ€” then ranks them by severity so you know exactly what to fix, and where.

๐Ÿšจ ShieldsGuard helps you stay ahead of attackers by showing what they see before they exploit it.

hashtag
๐Ÿ” What It Scans

  • Web application stack (WordPress, PHP, Plesk, etc.)

  • SSL/TLS configuration and certificate health

  • HTTP headers and content security policies

  • Open ports and exposed services

  • Publicly accessible endpoints

  • CMS plugin versions

  • Protocol vulnerabilities and misconfigurations

  • Missing or misconfigured DNS and email security

hashtag
๐ŸŽฏ Severity Levels

All findings are categorized using a clear, color-coded system:

Severity
Meaning

๐Ÿ”ด Critical

Exploitable vulnerabilities with high impact

๐ŸŸ  High

Major misconfigurations or outdated technologies

๐ŸŸก Medium

Weaknesses requiring mitigation

๐Ÿ”ต Low

Minor risks or hygiene issues

โšช Info

Informational or best practice observations

Each severity level helps prioritize remediation based on real-world impact.

hashtag
๐Ÿ“‹ Vulnerability Detail

Every finding includes:

  • Affected domain and URL

  • Risk level (color and label)

  • Vulnerability type or CVE (if applicable)

  • Description of the issue

  • Discovery method

  • Exact URL or port

  • Suggested resolution

  • Timestamp

  • Quick access to โ€œViewโ€ for more details

hashtag
๐Ÿง  Example Findings

Vulnerability
Risk Level
Affected Component

CVE-2020-24778 (GSAP)

High

JavaScript library

Missing HSTS Header

Medium

HTTP response headers

Misconfigured CORS

Medium

API endpoints

SSL Certificate Near Expiry

Medium

TLS

Missing HttpOnly on Cookies

Low

Set-Cookie directive

No DKIM or SPF Records

Info

Email configuration

WordPress XML-RPC Brute Force Exposure

Medium

WP login subsystem

REST API Enumeration

Info

WP-JSON endpoint

hashtag
๐Ÿ“ˆ Dashboard Features

  • ๐Ÿ“Š Risk Score Gauge โ€” Visual snapshot of risk posture

  • ๐Ÿ“‘ Security Findings Table โ€” Fully filterable by severity or domain

  • ๐Ÿงฎ Vulnerability Histogram โ€” Severity-wise chart

  • ๐Ÿ” Domain Filter โ€” Narrow scope by subdomain or asset

  • ๐Ÿ“ค Export Capabilities โ€” Download reports for audits or incident response

hashtag
โš™๏ธ How to Use It Effectively

Goal
Action

Patch critical exposures quickly

Sort by severity and act on ๐Ÿ”ด/๐ŸŸ  first

Track remediation over time

Re-scan after fixes and compare findings

Improve compliance posture

Export finding logs with timestamps

Investigate patterns

Correlate vulnerabilities across domains

Confirm system health after deploy

Run scan post-update to detect regressions

hashtag
๐Ÿ” Best Practices

  • Integrate scans into your change and release cycle.

  • Treat HIGH and CRITICAL findings as blockers in CI/CD.

  • Review LOW/INFO items regularly for hygiene improvements.

  • Use scan results to update your WAF, IP filters, and rules.

๐ŸŽฏ ShieldsGuard Vulnerability Scan is your early warning system โ€” detecting what could be exploited before attackers do, and giving you a prioritized, actionable plan to fix it.

Previous6.2 Network TopologyNext7. Access

Last updated