Speed up SSL issuance
GoGetSSL® offers fastest issuance of SSL due to use of LEI code and API automation. Legal Entity Identifier (LEI) is a global identity code, just like DUNS. Learn how LEI works.
TrulyTrust™ - Scanner
It is important to keep your website and web applications protected and safe, and checking for all kinds of vulnerabilities is no easy task even to advanced users. You should know how to set up your system to use correct SSL/TLS Ciphers, Security Headers, protect against Cross-site scripting and other possible security issues. Do you have time for that on a weekly/monthly basis?
VULNERABILITY SCANNER WITHOUT COMPROMISES
Scale security with a vulnerability assessment tool that covers complex architectures and growing web app portfolios.
- Automate vulnerability scanning and embed it into your dev process
- Set it up in minutes and start scanning
Fastest setup on the market
Set up and start scanning in minutes. Automate your scans and integrate them with ease in your development process and toolchain.
Fast Security Assessment
Add immediate value to your team’s work with web app scans benchmarking against OWASP Top 10 and secure your security hygiene.
Focus On Great Output
Automated vulnerability scanning allows you to save time and focus on your work, delivering you information on your web application or API security risks that need fixing before pushing to Production.
Enhance Scanning Confidence
Implement a vulnerability scanner in your build that you can trust – very low false positives and negatives. Get accurate reports with remediation advice.
Reduce The Risk Of Being Hacked
Spot security risk before hackers do. Prevent modern attacks and save big on possible exploited security issues.
Vulnerability Reports For Everyone
Download useful scan reports in PDF, XML, and CSV and easily share them with team members, executives, and clients.
Our Technology Partners
-
Crashtest Security
Our new German (DE) technolohy partner is the innovator within cyber security for web applications, Crashtest Security develops automated vulnerability assessment solutions that suit the needs of the agile developer or DevSecOps. The clear vulnerability insights provide transparency and actionable steps to enable efficient risk mitigation and particularly reducing the risk of getting hacked.
-
DigiCert CA
For the past years, GoGetSSL established strong strategic relations with DigiCert CA helping us running successful projects. The most experienced validation teams of DigiCert provide us with organization verification services to run the TrulyTrust Risk Score project.
| Basic Basic | ProfessionalProfessional | |||
|---|---|---|---|---|
| General Features | ||||
| General Features | ||||
| OWASP Top 10 Vulnerability Scanning | ||||
| Scan type | ||||
Scanner typeFull scan requires domain verification via validation file (HTTPS) |
Quick scan | Full Scan | ||
OWASP Top 10 Vulnerability ScanningScans for the OWASP Top 10 vulnerabilities. A complete list of our scanners in the "Features" tab. |
||||
| Automated Domain Verification | ||||
Automated Domain VerificationVerify scan targets for invasive scanning through placing a file on your system or a specific API-response for a GET-statement. |
||||
| Speed up Scanning | ||||
Speed up ScanningEnables adjusting the scan requests per second. |
||||
| Access to security wiki | ||||
Access to security wikiIncludes general descriptions, code snippets for fixing, and videos. |
||||
| Regular Updates | ||||
Regular UpdatesWe provide regular updates and new features to our scanners and the user interface. |
||||
| Scan Targets | ||||
| Scan Targets | ||||
| Multi Page Web Applications | ||||
Multi Page Web ApplicationsAn application, which consists of multiple individual pages. This is typically the case, if you have a HTML, JSP, etc. per page displayed in your browser. |
||||
| Deep Scan – Automated JavaScript Scanning | ||||
Deep Scan – Automated JavaScript ScanningAn application, which is based on JavaScript. This is typically the case, if the application is based on or uses frameworks like Angular, React, Vue, jQuery or similar. |
||||
| REST API Scanning | ||||
REST API ScanningAn application programming interface (API), which is documented in a Swagger / OpenAPI version 2 file. Usually the documentation is stored in a swagger.json file, which can be imported by the scanner. |
||||
| Authentication | ||||
| Authentication | ||||
| Application Login with Credentials | ||||
Application Login with CredentialsLog in to your application via BasicAuth or with user credentials (user/password). |
||||
| Advanced Application Login | ||||
Advanced Application LoginLog in to your application by defining keys and values for Cookies, HTTP Headers, or GET parameters. |
||||
| Scheduling / Automation | ||||
| Scheduling / Automation | ||||
| Detailed PDF Reporting | ||||
Detailed PDF ReportingGet our detailed pdf reporting with a high-level scan summary, detailed scan findings, general and specific descriptions of the found attack vectors, and remediation support. |
||||
| Scheduled Scanning | ||||
Scheduled ScanningCreate a scan schedule for your project to start scans on a daily or weekly basis. |
||||
| Machine-readable reports | ||||
Machine-readable reportsGet our machine-readable reports in CSV, JSON, or XML format. |
||||
| Scanning vulnerabilities and security issues | ||||
| Scanning vulnerabilities and security issues | ||||
| Server Version Fingerprinting | ||||
| Server Version Fingerprinting | ||||
| Web Application Version Fingerprinting | ||||
| Web Application Version Fingerprinting | ||||
| CVE Comparison | ||||
| CVE Comparison | ||||
| Heartbleed | ||||
| Heartbleed | ||||
| ROBOT, BREACH, BEAST | ||||
| ROBOT, BREACH, BEAST | ||||
| Old SSL/TLS Version | ||||
| Old SSL/TLS Version | ||||
| SSL/TLS Cipher Order | ||||
| SSL/TLS Cipher Order | ||||
| SSL/TLS Perfect Forward Secrecy | ||||
| SSL/TLS Perfect Forward Secrecy | ||||
| SSL/TLS Session Resumption | ||||
| SSL/TLS Session Resumption | ||||
| SSL/TLS secure algorithm | ||||
| SSL/TLS secure algorithm | ||||
| SSL/TLS key size | ||||
| SSL/TLS key size | ||||
| SSL/TLS trust chain | ||||
| SSL/TLS trust chain | ||||
| SSL/TLS expiration date | ||||
| SSL/TLS expiration date | ||||
| SSL/TLS revocation (CRL, OCSP) | ||||
| SSL/TLS revocation (CRL, OCSP) | ||||
| SSL/TLS OCSP stapling | ||||
| SSL/TLS OCSP stapling | ||||
| Security Headers | ||||
| Security Headers | ||||
| Content-Security-Policy headers | ||||
| Content-Security-Policy headers | ||||
| Portscan | ||||
| Portscan | ||||
| Boolean-based blind SQL Injection | ||||
| Boolean-based blind SQL Injection | ||||
| Time-based blind SQL Injection | ||||
| Time-based blind SQL Injection | ||||
| Error-based SQL Injection | ||||
| Error-based SQL Injection | ||||
| UNION query-based SQL Injection | ||||
| UNION query-based SQL Injection | ||||
| Stacked queries SQL Injection | ||||
| Stacked queries SQL Injection | ||||
| Out-of-band SQL Injection | ||||
| Out-of-band SQL Injection | ||||
| Reflected Cross-site scripting (XSS) | ||||
| Reflected Cross-site scripting (XSS) | ||||
| Stored Cross-site scripting (XSS) | ||||
| Stored Cross-site scripting (XSS) | ||||
| Cross-Site Request Forgery (CSRF) | ||||
| Cross-Site Request Forgery (CSRF) | ||||
| File Inclusion | ||||
| File Inclusion | ||||
| Directory Fuzzer | ||||
| Directory Fuzzer | ||||
| File Fuzzer | ||||
| File Fuzzer | ||||
| Command Injection | ||||
| Command Injection | ||||
| XML External Entity Processing (XXE) | ||||
| XML External Entity Processing (XXE) | ||||
| Billing Cycle | ||||
| Billing Cycle | ||||
| Payment type | ||||
| Payment type | One-time | Yearly | One-time | Yearly |
| Number of scans annualy | ||||
| Number of scans annualy | 1 | 12 | 1 | 12 |
| 1 year | ||||
| 1 year | $15.00 | $150.00 | $48.00 | $480.00 |
| 2 year | ||||
| 2 years | $262.50 | $840.00 | ||
| 3 year | ||||
| 3 years | $375.00 | $1,200.00 | ||
| Order | Order | Order | Order | |