Automatic Asset Discovery
VSS efficiently identifies device operating systems, ports, services, and components, so that you can better discover unknown assets as well as manage and control existing ones. It also visualizes asset risk data to help you gain clearer insights into the changes in asset risk trends.
In-depth Vulnerability Scan
- Web vulnerability detection
VSS protects websites from dozens of common vulnerabilities, such as SQL injection, command injection, code injection, file inclusion, XSS attack, and CSRF attack.
- 0/1/N-Day vulnerability detection
VSS is preconfigured with thousands of harmless proof of concepts (POCs) tested and audited by Tencent Security engineers to verify vulnerabilities in web applications, web middleware, databases, operating systems, software services, IoT devices, routers, cameras, and industrial control devices.
Weak Password Detection
VSS scans dozens of asset components for weak passwords, including FTP, SSH, RDP, MySQL, Oracle, IMAP, Memcached, and Redis.
Risk Evaluation Report
VSS can generate comprehensive multidimensional risk scan reports based on scan results, which cover vulnerability detection and content risks and offer professional repair suggestions.