About the Vulnerability Scanner function

It is important to periodically check the service infrastructure that is currently used, because most of the tampering that exploits the vulnerability can be defended by upgrading the service version or blocking certain ports.

“GRED WebCheck – Cloud” enables two-step checking of whether any vulnerabilities exist in the service infrastructure (only applies to websites using WordPress) and if any ports are unnecessarily open or not with just one click from within the management console. *This function is available to customers with “GRED WebCheck – Cloud” contracts.

Step 1:
After logging in to the management screen, check the box for the required diagnostic service to be conducted from the menu on the screen transitioned from “Vulnerability Scanner” on the left of the menu, and click the “Scan” button to start the diagnosis.

Step 2:
The diagnosis results are displayed after several minutes. The URL of any website that provides a port opening status and vulnerability information is displayed. Take appropriate measures while referencing the URL.

[Notes]
*1) Open-source WPScan and NMAP are used for this vulnerability diagnosis.
Due to the characteristics of the tools used for this vulnerability diagnosis, they may be detected as unauthorized access by your unauthorized access detection system (e.g. server monitoring tool, IPS / Firewall).
Please ensure the departments concerned accept implementation of this vulnerability diagnosis in advance, and temporarily exclude access by this service from the list of monitored targets, etc. before the diagnosis is implemented.
SecureBrain assumes no responsibility for any loss or damage incurred by customers’ use of this service.

*2) This diagnosis is available up to five times per calendar month regardless of the diagnosis menu.
Even if only the WordPress diagnosis is performed, it is counted as one time. However, if port scan diagnosis and WordPress diagnosis are performed simultaneously, it counts as one time.

*3) Use of this service is considered to constitute agreement with the following disclaimer. This disclaimer is described on the diagnosis implementation page.

[Disclaimer]
WPScan of Dewhurst Security is used for the WordPress vulnerability scan and NMAP (open source) is used for the Port Scan. SecureBrain does not warrant any scan result. The user shall use this service in own responsibility and a judgment, and SecureBrain is not liable for any damage or loss incurred directly or indirectly caused by these scan.