How secure is your domain?
SnapScan is the EU-sovereign platform for vulnerability scans and internal pentest. Probe subdomains, reachable services, SSL/TLS and known vulnerabilities – and keep your entire attack surface in view.
If the domain matches your email domain, you'll confirm the scan via a quick email link. Otherwise we'll ask you to verify the domain via a DNS record. Deeper analyses (active tests, AI pentest) run exclusively through an authorised engagement in the operator console.
No account needed for your first scan · See all scan types
EU-sovereign & self-hosted
Run in your own environment, controlled VPN egress with a kill switch, no data exfiltration. Offline-verifiable licences for appliances.
Authorised & traceable
Every test is bound to a proven scope – with a signed scope document, append-only audit trail and kill switch.
Proof, not guesswork
Verified findings with evidence artifacts, CVE/CVSS classification and CISA-KEV enrichment instead of long false-positive lists.
Listed in their Halls of Fame
The team behind SnapScan is credited in official Vulnerability-Disclosure programmes for responsibly reported vulnerabilities — the same diligence goes into every scan.
Bundeswehr
Listed in the German Armed Forces' acknowledgements (VDPBw) for reported vulnerabilities.
BSI
In the Hall of Fame of the German Federal Office for Information Security for coordinated disclosures.
heise
In the heise Security Hall of Fame for responsibly disclosed vulnerabilities.
One platform for your entire attack surface
From the external domain to the internal network: pick the scan type that fits your goal – usable on its own or combined into a continuous programme.
External scan
The 1-click check for your domain: subdomains, reachable services and known vulnerabilities – in minutes.
Recon & mapping
The complete outside view: every subdomain, every service, every forgotten asset – mapped and monitored.
Deep scan
The thorough check: active vulnerability tests with verification – not guesses, but proof.
AI pentest
An autonomous AI agent thinks like an attacker: combines findings, follows paths and explains them clearly.
Internal pentest
An authorised agent inside your own network: Active Directory, credential testing and lateral movement – with a signed scope.
Active Exploitation
From suspicion to proof: controlled exploitation proves a vulnerability unambiguously – in three graded modes.
Rapid Response
New critical CVE? One API call checks your entire fleet immediately – and you know within minutes whether you're affected.
Continuous validation
Security is not a single date: ongoing re-scans, a stable finding history and an always-current risk picture.
How it works
Four steps from your first scan to continuously validated security.
- 1
Provide a target
Enter a domain and prove authorisation – or create a pentest project with a defined scope.
- 2
Scan runs
SnapScan maps the attack surface and probes for vulnerabilities – over controlled VPN egress.
- 3
Understand findings
Results sorted by severity, with evidence, verification and a recommended action.
- 4
Fix & re-test
A 1-click re-test confirms remediation; continuous validation keeps your posture current.
Who is SnapScan for?
Whether you have no in-house security team or a specialised pentest team – SnapScan grows with your ambition.
SMBs & mid-market
A fast, understandable security posture without an in-house security team – from the free check to ongoing validation.
Agencies & service providers
White-label reports for client projects, distributed scanning and a searchable asset inventory per tenant.
Security & IT teams
Internal pentest with an in-network runner, Active Exploitation and Rapid Response to new N-day CVEs.
Security is not a single date
Keep your posture current with continuous validation and react with Rapid Response to new N-day CVEs in minutes.
Frequently asked questions
Is SnapScan EU-sovereign?
Yes. SnapScan is built for self-hosted operation in the EU; all scan traffic runs over controlled VPN egress with a kill switch.
Do I need authorisation to scan?
Yes. Public scans require proof of authorisation (email-domain match or DNS-TXT record); internal pentests run exclusively within an authorised engagement.
What does it cost to get started?
The external vulnerability scan is available in the Free plan without a credit card. Larger engines, distributed scanning and internal pentest are available in the higher plans.
Can I cancel anytime?
Yes. Subscriptions are managed via the Stripe customer portal and can be cancelled at the end of the period.
Ready to get started?
Start for free with an external scan or talk to us about an enterprise deployment with internal pentest and appliances.