Vulnerability Scanning

SCHAN is our vulnerability scanning, management and remediation solution. 
A fully featured vulnerability assessment platform that helps you stay on top of threats.

Introducing Secure GI

Secure GI is our vulnerability scanning, management and remediation solution. A fully featured vulnerability assessment platform that helps you stay on top of threats. We work closely with our security researchers and developers to turn the latest security findings into vulnerability tests. This way, you can access exclusive security research and test your infrastructure, systems and web application for hundreds of vulnerabilities.

At the present time, Secure GI is able to scan, check and validate 158,319 vulnerabilities. Can your vulnerability scanner do that?

Secure GI goes further than just vulnerability scanning though. Many vendors offer a “Vulnerability Management” platform which is nothing more than a vulnerability scan. For clients on our Advanced Plan, we include a remediation option. Remediation is carried out by our technical team through a VPN to your network. Typically performed out of core business hours, we will work through the vulnerabilities in a risk led approached. 

  • Critical Risk Exploitable Vulnerabilities
  • High Risk Exploitable Vulnerabilities
  • Critical Risk Vulnerabilities
  • High Risk Vulnerabilities
  • Medium Risk Vulnerabilities that constitute a PCI-DSS or CE failure
  • All other Medium Risk Vulnerabilities
  • Exploitable Low Risk Vulnerabilities

The Secure GI Platform

Hosted in the UK and split between our own datacenter, Digital Ocean and Amazon Web Services, the Secure GI platform is a robust and highly available vulnerability scanning and assessment platform. Featuring 64 scanning engines available at idle load and able to dynamically resize, Secure GI is able to perform any size of vulnerability assessment in a short amount of time.


Recurring vulnerability tests check your infrastructure, system and applications for over 100,000 vulnerabilities.


Skilled security researchers’ latest findings are built into the service to help you in managing your vulnerabilities.


Share your Hedgehog Scan reports with your co-workers and improve your security knowledge.


Act on the scan reports yourself or use our remediation service to address the vulnerabilities for you.

The Secure GI Appliance

There are many vulnerability scanning and assessment platforms available via the internet. One of the biggest limiting factors with these services is the inability to scan internal networks or within cloud environments. That is where the Secure GI Appliance comes in.

The Secure GI Appliance in physical form is about the size of a micro PC and sits inside of your network. For cloud environments, we offer a fully built cloud instance image for Amazon AWS, Google, Azure and Digital Ocean. Others are available on request.

How it works

Featuring a local scanning engine, the appliance uses HTTPS to communication back to the main systems using a TLSv1.3 with an AES256 VPN tunnel. All data captured is stored in an isolated database in the core that is individually encrypted to each client.

Secure GI is



Securing Outside
£ 95
  • Weekly Website Vulnerability Scan
  • 0.5 hr of engineering time*
  • False positive removals
  • PDF Reports


The Baseline
£ 195
  • External Vulnerability Scanning of your Business
  • Annual Internal Scanning
  • 1 hr a month of engineering fix
  • 1 hr a month of CISO time
  • Cyber Essentials certification assured in month 4
  • Free Online Awareness Training
  • 20% discount on penetration testing


Deeper Cyber Security
£ 345
  • Everything from GI Secure
  • External Vulnerability Scanning 12 IP's
  • Monthly Internal Scanning of 50 IP's
  • Extra hr of engineering fix time
  • Cyber Essentials Plus assured by month 6
  • Password Breach Notification for your Business
  • £20k Cyber Liability Insurance*

Try for Free

Not sure of what you will get from SecureGI? Why not try it out for free.

What does Secure GI do?
We’ll test your website or blog to see if it is vulnerable to being hacked. Each page will be tested for security weaknesses. We’ll then provide you with a report that you can use to correct any problems.

Is it really free?
Yes. We’ll do a complete scan of your web site and provide a confidential report of any security problems we find. If you wish, scanning can be repeated on a weekly or monthly basis to help you keep up with new security issues as they come up. Multi-site accounts and PCI certification testing is available for a small fee, but scanning your first site is really free.

Why should I test my site?
The code in your site may be written in a way that would make it easy for a hacker to gain control of it or even its server. Other code errors can be exploited to cause harm to your visitors. Our testing will reveal code and server problems and the report we provide has the information you and your webmaster need to make corrections.

My site has already been attacked, how can you help?
Secure GI will reveal the weakness that the attacker probably used to gain initial access to your site. These weaknesses must be fixed at the same time you repair any damage done by the hacker or it is likely to happen again.

Can your tests damage or change my site?
No. Our tests will not harm or change anything on your site, its applications or server.

Do I need to prepare my site for testing?
Please adjust any intrusion prevention or web application firewall solution to allow our system to run tests. ‘White list’ or allow testing from the IP addresses: and

Will your tests interrupt my visitors?
No. Our service is designed to be used on ‘live’ sites and your visitors will not even notice that testing is in progress.

What happens when the testing is complete?
You will receive an email invitation to log in to your personal and confidential SecureGI account. There you will find your report of any vulnerabilities we discovered and their relative severity.

Why do I need a ScanMyServer account ?
The Secure GI account allows you to view your test results, control what pages are tested on your site, how often it is tested and more. Like the testing, the account is free.

What are the odds that my site has a security problem?
It depends upon its size, complexity and the server that hosts it. About one third of all sites have at least one ‘high risk’ vulnerability. High risk issues call for immediate correction. Two thirds of all sites we test have a ‘medium risk’ issue. These should be corrected soon. Almost all sites have some ‘low risk’ vulnerabilities and these can be addressed if and when you have the time.

What do I do if you find a problem?
Many of our customers fix the security problems themselves using the guidance provided in our reports, others alert their webmaster or host for help. We do not provide webmaster services.

Is my security report confidential?
Yes. The results of your tests are confidential.

Do you need my website password or any special access to my site?
No. We can test every page that your website visitors can visit. We can also test password protected pages if you give us permission.

Why do I have to ‘confirm’ my site?
Confirming the site by installing our security seal proves that you have admin rights to the site and are qualified to request testing of it. It is also good business practice to let your site visitors know that you care about their online security.

Scroll to Top