Vulnerability

SCHAN is

Introducing SCHAN

SCHAN is our vulnerability scanning, management and remediation solution. A fully featured vulnerability assessment platform that helps you stay on top of threats. We work closely with our security researchers and developers to turn the latest security findings into vulnerability tests. This way, you can access exclusive security research and test your infrastructure, systems and web application for hundreds of vulnerabilities.

At the present time, SCHAN is able to scan, check and validate 158,319 vulnerabilities. Can your vulnerability scanner do that?

SCHAN goes further than just vulnerability scanning though. Many vendors offer a “Vulnerability Management” platform which is nothing more than a vulnerability scan. For clients on our Advanced Plan, we include a remediation option. Remediation is carried out by our technical team through a VPN to your network. Typically performed out of core business hours, we will work through the vulnerabilities in a risk led approached. 

  • Critical Risk Exploitable Vulnerabilities
  • High Risk Exploitable Vulnerabilities
  • Critical Risk Vulnerabilities
  • High Risk Vulnerabilities
  • Medium Risk Vulnerabilities that constitute a PCI-DSS or CE failure
  • All other Medium Risk Vulnerabilities
  • Exploitable Low Risk Vulnerabilities

The ScHan Platform

Hosted in the UK and split between our own datacenter, Digital Ocean and Amazon Web Services, the SCHAN platform is a robust and highly available vulnerability scanning and assessment platform. Featuring 64 scanning engines available at idle load and able to dynamically resize, SCHAN is able to perform any size of vulnerability assessment in a short amount of time.

Monitor

Recurring vulnerability tests check your infrastructure, system and applications for over 100,000 vulnerabilities.

Manage

Skilled security researchers’ latest findings are built into the service to help you in managing your vulnerabilities.

Educate

Share your Hedgehog Scan reports with your co-workers and improve your security knowledge.

Improve

Act on the scan reports yourself or use our remediation service to address the vulnerabilities for you.

The SCHAN Appliance

There are many vulnerability scanning and assessment platforms available via the internet. One of the biggest limiting factors with these services is the inability to scan internal networks or within cloud environments. That is where the SCHAN Appliance comes in.

The SCHAN Appliance in physical form is about the size of a micro PC and sits inside of your network. For cloud environments, we offer a fully built cloud instance image for Amazon AWS, Google, Azure and Digital Ocean. Others are available on request.

How it works

Featuring a local scanning engine, the appliance uses HTTPS to communication back to the main systems using a TLSv1.3 with an AES256 VPN tunnel. All data captured is stored in an isolated database in the core that is individually encrypted to each client.

SCHAN is

Pricing

Basic

from £5 / asset
  • IP or URL
  • 68,000 checks
  • test once per month
  • 24 hour turnaround
  • suitable for Cyber Essentials

Standard

from £10 / asset
  • everything from basic
  • 300,000+ checks
  • latest zero days
  • multiple scans per month
  • remediation support

Advanced

from £25 / asset
  • everything from standard
  • internal scanner available
  • manual verification
  • exploitation check
  • remediation included *

Try the scanner for free

From here you can test any website that you own for common vulnerabilities using our light weight scanner. Our light weight scanner performs a passive web security scan in order to detect issues like: outdated server software, insecure HTTP headers, insecure cookie settings and a few others.

URL:
 

Disclaimer: The Secure GI service operates this free website security scanner. The free scanner is a passive scanner which checks the website fingerprint, performs version-based vulnerability scanning and checks for common configuration issues.

The free remote scanners have limited access and results are not guaranteed. For a full scan, covering in excess 150,000 checks, contact our team.

Frequently Asked Questions

The web interface will be on general release from the 1st of September 2020.

All client data is encrypted using AES256 with a unique salt and encryption key for each client.

HCAN is able to produce scan reports in the following formats:

  • csv
  • pdf
  • docx

We can tune the virtual machine to a low spec if needed but the recommended specification is:

  • 16gb of RAM
  • 256gb of Storage
  • Quad core processor
Scroll to Top