Chose any category for frequently asked questions. If you can’t find, Contact Us.

General Scan Payment Solution Legal

 FAQs - General

  • Wiseep is an online security service that performs security scans for all type of digital assets such as wildcard domains, single domains, scans with credentials, mobile apps, desktop apps or infrastructure scopes. Apart from a small service fee, it charges according to the risk status of the security vulnerabilities identified. It is a solution that the customer can pay for if they have a security vulnerability.

  • Wiseep performs the security checks that are fully compatible with the relevant scope on the scope it receives from the end user, with the most ideal payload amount, using a hybrid scanning perspective developed with both an automated and partially manual perspective. Scope is passed through all penetration testing steps from A to Z. Outputs are only reported to the user with their risk and POC if they are likely to pose a risk.

  • Users can start the service with a low scan fee and only pay if there is a security vulnerability, so they can be sure of the security of their systems with this small scan fee. If there are security vulnerabilities that will jeopardize the security status of the institution after the scan, they can use their budget in the most efficient way by paying only for these vulnerabilities.

  • The system works with the logic of taking input and giving output. It goes through scan engines that recognize inputs and perform relevant security scans, and is exposed to all kinds of stages, such as information gathering, fuzzing, port scanning, service scanning, URL creation, uniq stages, and finally discovering of vulnerabilities. For the identifying of vulnerabilities and the same tests from other processes, checks are performed by more than one scanners and modules.

 FAQs - Scan

  • Wiseep has the capacity to scan all digital assets. It can scan scopes of all sizes from the smallest to the largest scope. It can scan multiple large wildcard scopes such as *.wiseep.com at the same time, as well as a web application with a single website or with user accounts. It can also perform all types of infrastructure tests, mobile application and desktop app tests.

  • Yes. Wiseep can scan one or multiple wildcard domains (such as *.wiseep.com ) at once. It discovers subdomains, verifies valid domains, scans ports, creates URLs, makes URLs with the same redirection or content unique, and scans all open services.

  • Yes. Wiseep has an information gathering module for all web application tests, performing various online and offline information gathering activities, including sensitive leakages.

  • This completely depends on the size of the application, our scans take longer than standard scanners but 80% less than manual tests. Wiseep has achieved this by largely automating manual tests. Findings are verified and reported with the POC, so we do not have false positive results. False negative cases are at minimum rates.

 FAQs - Payment

  • The pricing varies depending on the scope type and the payment plan chosen by the customer. There are prices to be paid according to the severity of the security vulnerabilities in the payment plan, the end user can purchase the scanning service by choosing the payment plan that best suits their budget. There is an inverse proportion between the severity of the security vulnerabilities and the scan fee. For example, if a lower scan fee is desired, a payment plan with a higher payment per severity should be selected.

  • Of course, you can use both bank transfer and online payment options. You can follow the instructions on the payment screens or sent to you via email.

  • Unfortunately, the scan fee is not a refundable fee in case of no findings, as it is a small compensation for the scanning services performed. However, if no findings are found, we provide a 30% discount code for subsequent purchases.

  • Yes, after scanning, you can only make payments for the vulnerabilities you are interested in and access their details. For this, you can make online payments for the number of vulnerabilities according to the severity of the vulnerabilities you are interested in and access the relevant vulnerability details.

 FAQs - Solution Details

  • Using various modules on the system, it detects security vulnerabilities in systems by running the relevant modules according to the incoming scope type. In cases where automation is not possible, it makes the target systems most suitable for manual review. Although a large proportion of the tests are automated, manual review is performed for the 5-10% of the sections that cannot be automated and for the detection of some false positive situations.

  • Yes, wiseep runs all modules as multi-threaded, the application runs multi-threaded both during the execution of modules and during scanning for other operations and security vulnerabilities under the modules.

  • Wiseep is largely a pay as you go model solution, except for the scan fee paid at the beginning. For this reason, it is very budget-friendly for customers. Payment is made only if there are security vulnerabilities, so if you do not have a security vulnerability, you do not have to pay anything other than the scan fee, if you have security vulnerabilities, you only pay for them. Apart from this, you can determine your security status without having to employ personnel for security tests and pay for various license products.

  • Wiseep was developed by a team that has been performing security tests for nearly 20 years. Since it reflects the experience and approach of a team that performs security tests for all types of applications from every sector, the scanning module is quite solid in detecting the findings. The application is constantly updated with current vulnerabilities and security perspectives. We continue to work with a strong team to keep our false positive rate 0% and our false negative rate as low as possible.

 FAQs - Legal

  • Yes, Wiseep is fully compliant with data protection regulations, including GDPR. We take the privacy and security of our users’ data seriously. Any data collected during the vulnerability scanning process is handled in accordance with GDPR principles and other relevant data protection laws. Users also have control over their data and can request its deletion at any time.

  • No, you can only scan assets belonging to your own organization with Wiseep. Wiseep requires you to make some configurations such as creating a DNS TXT record to confirm that you own the assets before starting the scans.

  • Wiseep’s vulnerability scans are designed to be non-invasive, and we take precautions to avoid any disruption to your website’s operations. However, Wiseep is not liable for any damages, losses, or disruptions that occur during or after the scanning process. It is advised to ensure that your website is properly backed up before running any security tests.

  • No, Wiseep does not share scan results with third parties without your consent. The scan results are private and only accessible to the account holder. We respect your privacy and will not disclose any information unless legally required by law enforcement or regulatory authorities.