Security Center

What is the difference between the different scan types?

External

The external scan engine is hosted by Holm Security and can be used to perform scans on your public environment. The result will give you a good understanding of the vulnerabilities you expose to the internet.

Internal Scanner Appliance

The Scanner Appliance is a virtual machine that you deploy in your local network. Depending on the size and configuration of your local environment, you may want to use several scanner appliances. The scanner appliance runs scans from within your local network. All results will be presented in the Security Center. It can be used for both web application scans and network scans.

Scanner Appliance for Cloud environments

The appliance is hosted in your Azure/AWS environment and serves a similar purpose to the internal Scanner Appliance.

Network Scanning

Network scanning detects open ports and scans them for vulnerabilities. It can also be configured to authenticate during scans for even better coverage of vulnerabilities.

Cloud Scanning

Cloud scanning is a product that relates heavily to cloud security posture management. It helps you control cloud infrastructure risk by automating the detection of misconfigurations across cloud resources.

Web Application Scanning

The web application scan engine will crawl your website to find vulnerabilities in each exposed URL. It can be configured with headers and authentication methods so that it can get past login forms and scan web pages protected by authorization.

API Scanning

REST API scanning, part of the web application scan, allows the scanner to inject vulnerability detection patterns into JSON REST APIs.

By supplying an OpenAPI specification document, the scanner can detect various vulnerability types within REST APIs, including SQL injections, XXE, and deserialization issues.