Explore more technical details here
Close
xsignal.io
ДРУГИЕ СЕРВИСЫ
DATABASES
WEBSITES
DIGITAL INFRASTRUCTURE
WEB APPlICATIONS
APIS
Look at your network through a hacker's eyes. Quickly discover and report vulnerabilities in:
Online vulnerability scanner. Find, fix and prevent threats, before hackers do
XSignal.io is a cloud based solution. We do not require access to client infrastructure, accounts and passwords.
Why should small businesses
think about cyber security?
</>
Since the first cyber attack in November 1988, the number of known vulnerabilities has grown rapidly every year.
/*
Any digital infrastructure in a company of any size is under attack: software, websites, applications, web services, etc.
{...}
While large companies spend millions to protect themselves, small businesses don't even follow the basic rules to defend against cyberattacks.
Number of known vulnerabilities in the world
New vulnerabilities discovered over the year
Total number of vulnerabilities
$3.86
average damage to companies from cyberattacks in 2020
206
on average pass before a company finds a vulnerability
days
73
are required on average to fix the found vulnerability
days
When a small business fails to follow the basic rules it becomes an easy target. Companies of all sizes, in all industries, risk the loss of sensitive customer data, money, and reputation.
mio
Common Types of Cyber Security Threats

Access to sensitive data and banking information
Hackers attack your online banking and customer sensitive personal data.
Extortion
Hackers lock down the company's infrastructure and demand crypto money to unlock it.
Reputation
Sometimes hackers just play around. They can post shock content on your site just for fun.
Leaks of commercial information
At the request of competitors, hackers retrieve information from databases, contracts, and internal company systems.
What are vulnerability scanners
Vulnerability scanner is a simple and easy to use automated tool to identify and report on security issues known as vulnerabilities.

XSignal has hundreds of automated tests. It can identify security holes which could be used by hackers to steal your sensitive information, gain unauthorised access to your systems, or to cause a general disruption to your business.
An external vulnerability scan can help organizations to identify and fix security vulnerabilities that an adversary can use to gain access to its network.
How it works
If you are curious about how the service works, explore this section with technical details.
Diagnostics
  • We provide multiple types of diagnostics
  • General subdomains search
  • Subdomains search using SSL certificates
  • Reverse resolution of IP addresses
  • IP addresses search using SSL fingerprints, ASN names
Web-services
  • Checks for secure configuration of common CMSes like Wordpress
  • Checks for possible SQL Injection attack vectors
  • Checks for possible XXE, XXS, LFI / RFI, RCE attack vectors
  • Checks for usage of well-known account credentials
  • Checks for unrestricted external access to files and directories (dirsearch)
  • An analysis of misconfigured HTTP-headers and cookies
  • Checks for cross-site request forgery (CSRF) vulnerabilities
  • Checks for general server misconfiguration
  • General vulnerabilities search based on detected product versions
Monitoring
  • Definition of open services and their versions
  • Searching for new subdomains
  • Controlling the lifetime of SSL certificates
  • Domain name expiration control
Network services
  • Checking the use of standard or anonymous KMs (Mysql, FTP)
  • Checking the current detection
  • Checking Well-Known SSL Vulnerabilities
How it works
If you are curious about how the service works, explore this section with technical details.
Diagnostics
  • We provide multiple types of diagnostics
  • General subdomains search
  • Subdomains search using SSL certificates
  • Reverse resolution of IP addresses
  • IP addresses search using SSL fingerprints, ASN names
Web-services
  • Checks for secure configuration of common CMSes like Wordpress
  • Checks for possible SQL Injection attack vectors
  • Checks for possible XXE, XXS, LFI / RFI, RCE attack vectors
  • Checks for usage of well-known account credentials
  • Checks for unrestricted external access to files and directories (dirsearch)
  • An analysis of misconfigured HTTP-headers and cookies
  • Checks for cross-site request forgery (CSRF) vulnerabilities
  • Checks for general server misconfiguration
  • General vulnerabilities search based on detected product versions
Monitoring
  • Definition of open services and their versions
  • Searching for new subdomains
  • Controlling the lifetime of SSL certificates
  • Domain name expiration control
Network services
  • Checking the use of standard or anonymous KMs (Mysql, FTP)
  • Checking the current detection
  • Checking Well-Known SSL Vulnerabilities
Don't worry. XSignal will not have access to your data
XSignal looks at your network infrastructure "through the eyes of a hacker".

XSignal has no more access than a regular website user.

XSignal is a cloud service that doesn't have access to internal systems, accounts and passwords. XSignal doesn't need to be installed on infrastructure.
Reports, dashboards and infographics. Instant email notifications
XSignal can be used not only by DevOps, DevSec and other technical specialists but also by managers and business owners. The threats in the report are sorted by their danger level and described as non-technically as possible.
GDPR and other
compliance testing
XSignal checks if your website is compliant with personal data laws in Europe and the United States like GDPR and CCPA.

For example, there are strict penalties for non-compliance: under the GDPR, a company can be fined up to €20,000,000 or up to 4% of its annual revenues.

XSignal checks for the availability of a privacy policy statement, whether a website visitor is asked to agree to it and whether a visitor can withdraw their consent.

When a visitor requests information on what data your service has already collected about them via cookies XSignal will help to generate a correct report automatically.
What our customers say



by
XSignal is a simple and easy tool to recommend to your clients.
Founder at Infoshell - Mobile, Web, and digital integration
The service has surprised by its ease of use, but at the same time by its quality scanning for vulnerabilities not only in network services but also in web applications. A large database of vulnerabilities and clear recommendations allow improving and maintaining the security of your IT infrastructure.
Cyber Security Consultant
Timely server software updates can help you avoid 99% of security problems, and XSignal will always remind you when it's time to update your servers' software.
Head of Software Development at Alfa Bank
If you want to secure your company's infrastructure, you first need to know its weaknesses and outline the range of possible threats. XSignal can help you do just that.
Pavel
Chief Data Security Officer
About us
XSignal Inc
We are participants of the Starta.vc accelerator 2021, based on New York, US.

Our experts have over 20 years of experience in cybersecurity around the world. We specialize in penetration testing and DAST (Dynamic application security testing )
Plans
Basic
hosts/resources/ sites
10
scans per month
50
$95
/mo.
$950
/annually
Premium
hosts/resources/ sites
50
scans per month
$295
/mo.
$2950
/annually
Need more?
Just write to us
-16.5%
by paying annually
Faq
How reliable is your protection?
Xsignal is a scanner. Our service only will scan the network infrastructure and show vulnerabilities. It is your job and your responsibility to fix these vulnerabilities. We will show you exactly what vulnerabilities you have, how dangerous they are. We'll let you know instantly if new ones appear and show you how to fix them.
Do I need a permission to run Scanner on third-parties?
No, we use only OSINT discovery and non-intrusive security testing methodologies that normally do not require a pre-authorization from the targeted company, differently from penetration testing for example. Therefore, you can use XSignal to scorecard your suppliers or vendors for third-party risk management purposes.
Why can I trust you?
Because we do not have access to your data. Our service does not need to be installed on a computer - therefore, no more is available to us than to your website visitors. We only check the external perimeter.
How reliable is your protection?
Xsignal is a scanner. Our service only will scan the network infrastructure and show vulnerabilities. It is your job and your responsibility to fix these vulnerabilities. We will show you exactly what vulnerabilities you have, how dangerous they are. We'll let you know instantly if new ones appear and show you how to fix them.
Do I need a permission to run Scanner on third-parties?
No, we use only OSINT discovery and non-intrusive security testing methodologies that normally do not require a pre-authorization from the targeted company, differently from penetration testing for example. Therefore, you can use XSignal to scorecard your suppliers or vendors for third-party risk management purposes.
Why can I trust you?
Because we do not have access to your data. Our service does not need to be installed on a computer - therefore, no more is available to us than to your website visitors. We only check the external perimeter.
Apply for a trial today -
Let us find vulnerabilities for you
before hackers do
© 2020 --2021 XSignal Inc
19801, US, Delaware, 919, North Market Street, Suite 950
support@xsignal.io


Services
  • Audit
  • Pentest
This website uses cookies to ensure you get the best experience
OK