We earn commission when you buy through affiliate links.
This does not influence our reviews, ranking, or recommendations.Learn more.
Its used to find vulnerabilities in websites, APIs, networks, and servers.
For this review, Ive purchased a paid plan for HostedScan.
What Is HostedScan?
Founded in Seattle, Washington, in 2021, HostedScan is a leading vulnerability scanning and risk management tool.
HostedScan lets you track vulnerabilities across your organization.
Once it finds vulnerabilities, it also suggests solutions to mitigate them.
According to theSkybox Security report, a new CVE (Common Vulnerability and Exposures) surfaces every 17 minutes.
HostedScan Scanners
There are four scanners that HostedScan has integrated into its platform.
Each scanner has varied features and serves different purposes.
I have tested all four scanners and included screenshots to help you understand them better.
Its the most popular vulnerability scanner and can help you detect insecure software and CVEs.
Heres a screenshot of HostedScans dashboard, allowing you to run OpenVAS.
When you start scanning, the scanner first identifies open ports and services.
Then, it scans for vulnerable outdated software, insecure configurations, and CVEs.
It took around 50 minutes to scan Geekflare using OpenVAS.
This makes it ideal for cybersecurity professionals and those looking to pentest online.
Nmap is a highly popular web connection discovery and auditing tool among security teams and penetration testers worldwide.
Some certifications, such as SOC-2 and ISO 27001, require regular port scanning.
So, its important to scan your ports and services regularly.
HostedScan offers two ways to run port scanning.
I have run Nmap TCP and Nmap UDP to test Geekflare, as shown in the screenshot below.
HostedScans web connection Scanner is suited for IT administrators and cybersecurity professionals.
It quickly gave me results.
HostedScan system scanner is ideal for web developers and security analysts.
During my testing, I noticed that the SSL Scanner performed quite fast.
It scanned Geekflare.com in just less than 2 minutes!
HostedScans Sslyze TLS/SSL scanner is well-suited for system administrators and compliance teams.
I found 6 features worth noting.
You also have an option to start scanning now or at a later time.
Comprehensive Reporting and Prioritization
HostedScan emails you a comprehensive scan report after each scan is completed.
The reports include the Executive Summary, Vulnerabilities by Target, Vulnerabilities detected by the scanner, and Glossary.
These reports categorize vulnerabilities into four types: Critical, High, Medium, and Low.
Thus, it is easier to prioritize vulnerability remediation.
Of course, critical vulnerabilities require immediate actions.
I liked that HostedScan showed detected vulnerabilities in the email body itself.
This allows you to understand the severity of the detected risks without opening the scan reports.
Its dashboard highlights risks detected, accepted, and fixed for efficient vulnerability management.
HostedScans reporting and categorization of detected vulnerabilities was a standout feature for me.
Even beginners can navigate these scan reports without any difficulty.
you’re able to also check how your security has improved over time in the dashboard.
This way, it can help improve your DevSecOps.
Multi-user Collaboration
HostedScan lets you invite your team members to collaborate.
you could add your team members via their email addresses.
As you might see, multi-user collaboration is easy to implement in HostedScan!
It also allows you to check reports and dashboards for vulnerability management and remediation tracking.
Real-time Alerts
HostedScan lets you schedule automated scans that generate aggregated reports.
Here are five common use cases I have picked for this HostedScan review.
It not only detects vulnerabilities but also suggests steps to address them.
Compliance and Regulatory Adherence
HostedScan, with its integrated scanners, can help you find and fix vulnerabilities.
Authenticated Web system Scanning
Many applications have a significant amount of content hidden behind logged-in.
To run a thorough security testing of an software, HostedScan lets you run authenticated software scanning.
Its OWASP ZAP scanner leverages recorded login for your program to run authenticated scans.
Automated Penetration Testing
HostedScan enables you to schedule open-source scanners for continuous automated testing.
If it detects any vulnerabilities, youll receive email or Slack notifications, depending on your preferences.
Its OpenVAS scanner is used to find vulnerabilities specific to WordPress, detecting vulnerabilities in WordPress code and plug-ins.
HostedScan Pricing
HostedScan offers 4 plans, of which 3 are paid.
The cost of the paid plans increases if you increase the number of targets to be scanned per month.
HostedScan offers a25% discountif you purchase an annual subscription for any paid plan.
Here is a pricing table for HostedScan for quick reference.
You also get a30-day refund guaranteeif youre not satisfied with the scanning service.
HostedScan Integration
When searching for a vulnerability scanner, you need a solution with robust integration options.
HostedScan excels in meeting this requirement.
Based on my research and testing, HostedScan offers excellent integrations, as shown below.
In addition, HostedScan allows you to sync DigitalOcean Droplets and virtual machines from Linode for scanning.
However, the website lacks a live chat support option and a direct helpline for immediate query resolution.
It only offers email support.
if you run into any difficulties, you might email the company athello@hostedscan.com.
Email support is prompt if you message them during weekdays.
I tested their email support and emailed them asking about HostedScan features.
Surprisingly, I received the reply within a few hours on the same day.
So, I can confidently say that HostedScan offers relatively prompt email support.
HostedScan Alternatives
While HostedScan has some great features, it may not fit your needs.
As I wrap up this HostedScan review, you might wonder who should use it.
Ive listed them below.
Who Shouldnt Use HostedScan?
Whats more, it’s possible for you to integrate it with your DevSecOps!
I wouldnt recommend the platform to global enterprises due to these reasons.
So, based on my evaluation of the platform during testing,HostedScanreceives theGeekflare Value Award!
This makes it an ideal scanning platform for SMBs, business websites, and MSPs.
