Skip to content
All services
Deep · active vuln tests

Deep Scan – In-depth Vulnerability Analysis

The deep scan is the most thorough automated engine: it runs active vulnerability tests, goes beyond pure banner analysis and returns verified findings with evidence artifacts. For teams that don't just want to know what might theoretically be vulnerable – but what actually is.

Available from plan Pro.Engine: Tief / aktiv (deep)

Includes distributed scanning across a cloud fleet for large scopes.

What we check

Here is what the Deep scan covers – concrete and verifiable.

  • Active vulnerability tests instead of pure version heuristics
  • Broad CVE coverage with up-to-date nuclei templates
  • Misconfigurations in web applications and services
  • CISA-KEV enrichment (known exploited vulnerabilities)
  • 1-click verification of individual findings
  • Distributed scanning across a cloud fleet for large scopes

Your benefits

What the Deep scan actually gives you – beyond the pure technology.

Fewer false positives

Active tests and verification confirm whether a vulnerability is really exploitable – you don't waste time on phantom findings.

Proof, not claims

Every finding ships with evidence – a nuclei line, transcript or screenshot. That convinces developers and auditors alike.

Prioritise by real risk

CISA-KEV enrichment highlights vulnerabilities that are demonstrably being exploited – those go straight to the top.

Scales with the scope

Distributed scanning across a cloud fleet spins up automatically, spreads the load and is guaranteed to be torn down again.

How it works

  1. 1

    Scope & authorisation

    Define the target and prove authorisation – deep scans only run against approved assets.

  2. 2

    Active testing

    SnapScan runs active vulnerability tests and collects evidence artifacts for each finding.

  3. 3

    Enrichment

    Findings are enriched with CVE/CVSS, CWE and CISA-KEV status and sorted by risk.

  4. 4

    Verify & fix

    Verify individual findings with one click and confirm remediation after the fix.

Typical findings

  • Actively exploitable RCE in an exposed servicecritical
  • Known exploited CVE (CISA-KEV) on a public hostcritical
  • Authentication bypass in a web applicationhigh
  • Injection vulnerability with confirmed impacthigh

Example finding categories. Actual results depend on your environment.

Use cases

  • Thorough testing of critical, externally reachable applications
  • Solid findings for audits and compliance evidence
  • Validation after major releases or infrastructure changes
  • Large-scale assessment of extensive domain landscapes

Frequently asked questions

Is the deep scan invasive?

It runs active tests but stays within the authorised scope and rules of engagement. Real command execution only happens via Active Exploitation with a separate opt-in.

What does distributed scanning mean?

Large scopes are spread across an ephemeral cloud fleet. It spins up automatically, processes the work and is guaranteed to be torn down – with a fallback to a single host.

How does verification work?

Every finding can be re-tested individually. The result is unambiguous: still present, not observed, or inconclusive.

Goes well with

Ready for the Deep scan?

Start with a free scan or talk to us about the plan that fits your use case.