Skip to content
Free vulnerability scan

How secure is your domain?

SnapScan is the EU-sovereign platform for vulnerability scans and internal pentest. Probe subdomains, reachable services, SSL/TLS and known vulnerabilities – and keep your entire attack surface in view.

Fast scan · ~2 min · critical & high findings
We'll send confirmation and the result report here.
e.g. example.com – only domains/hosts you are authorised for.

If the domain matches your email domain, you'll confirm the scan via a quick email link. Otherwise we'll ask you to verify the domain via a DNS record. Deeper analyses (active tests, AI pentest) run exclusively through an authorised engagement in the operator console.

No account needed for your first scan · See all scan types

EU-sovereign & self-hosted

Run in your own environment, controlled VPN egress with a kill switch, no data exfiltration. Offline-verifiable licences for appliances.

Authorised & traceable

Every test is bound to a proven scope – with a signed scope document, append-only audit trail and kill switch.

Proof, not guesswork

Verified findings with evidence artifacts, CVE/CVSS classification and CISA-KEV enrichment instead of long false-positive lists.

Recognised security research

Listed in their Halls of Fame

The team behind SnapScan is credited in official Vulnerability-Disclosure programmes for responsibly reported vulnerabilities — the same diligence goes into every scan.

One platform for your entire attack surface

From the external domain to the internal network: pick the scan type that fits your goal – usable on its own or combined into a continuous programme.

How it works

Four steps from your first scan to continuously validated security.

  1. 1

    Provide a target

    Enter a domain and prove authorisation – or create a pentest project with a defined scope.

  2. 2

    Scan runs

    SnapScan maps the attack surface and probes for vulnerabilities – over controlled VPN egress.

  3. 3

    Understand findings

    Results sorted by severity, with evidence, verification and a recommended action.

  4. 4

    Fix & re-test

    A 1-click re-test confirms remediation; continuous validation keeps your posture current.

Who is SnapScan for?

Whether you have no in-house security team or a specialised pentest team – SnapScan grows with your ambition.

SMBs & mid-market

A fast, understandable security posture without an in-house security team – from the free check to ongoing validation.

Agencies & service providers

White-label reports for client projects, distributed scanning and a searchable asset inventory per tenant.

Security & IT teams

Internal pentest with an in-network runner, Active Exploitation and Rapid Response to new N-day CVEs.

Security is not a single date

Keep your posture current with continuous validation and react with Rapid Response to new N-day CVEs in minutes.

Frequently asked questions

Is SnapScan EU-sovereign?

Yes. SnapScan is built for self-hosted operation in the EU; all scan traffic runs over controlled VPN egress with a kill switch.

Do I need authorisation to scan?

Yes. Public scans require proof of authorisation (email-domain match or DNS-TXT record); internal pentests run exclusively within an authorised engagement.

What does it cost to get started?

The external vulnerability scan is available in the Free plan without a credit card. Larger engines, distributed scanning and internal pentest are available in the higher plans.

Can I cancel anytime?

Yes. Subscriptions are managed via the Stripe customer portal and can be cancelled at the end of the period.

Ready to get started?

Start for free with an external scan or talk to us about an enterprise deployment with internal pentest and appliances.