Developer-friendly automated Web Application and API vulnerability scanner Starting at ~$0.164/hour.
We scan your Web Applications or APIs and are able to detect over 30,000 vulnerabilities. We’re constantly adding new checks, too. We look for classes of vulnerabilities so we can handle your custom-built software, but also find well-known vulnerabilities. Vulnerabilities are ranked by severity and include a tailored how-to fix as well as a history log, so you can keep track of them.
Each vulnerability includes a description, evidence of it, and helpful code or configuration snippets that you can use to fix it. We detect the technologies you use and tailor the instructions to your case. You won’t need to through a wall of text to find the fix you need.
Our API vulnerability scanner is able to detect large amounts of potential vulnerabilities allowing you to actively run security testing as part of your API development process, no matter how you operate.
If you have a Single-Page Application (SPA) that makes XMLHttpRequests (XHR) to an API, we will seamlessly follow those requests and scan the API endpoints. If instead, you want to scan standalone APIs, you can do so via providing OpenAPI/Swagger schema files or Postman Collections.
We report only the security vulnerabilities that matter, with a near-zero false positive rate of 0.06%, ensuring that detected vulnerabilities are a real threat and need to be addressed. No unnecessary noise so you don’t waste time checking or trying to fix what you don’t need. If a finding is unexploitable, we don’t report it.
You can seamlessly integrate Probely with your tools by using our addons or integrate with anything through our full-featured, easy to use, and well-documented API. Our add-ons include tools such as ArmorCode, Azure DevOps (Boards), CircleCI, DefectDojo, Jenkins, Jira, JupiterOne, ShortCut, and Slack.
Our web app is powered by our API, meaning anything that can be done using the web app can also be done directly via the API. Use it to integrate our tests with your CI/CD pipeline, issue tracker or Slack (for instance).
Get an easy and effective way to comply with the requirements related to application security testing of PCI-DSS, SOC2, HIPAA, ISO27001, GDPR, and other local-specific privacy acts standards using a series of detailed requirement reports that can be used as evidence to showcase your compliance
Scans for the Log4j / Log4Shell / CVE-2021-44228 vulnerability.
The available application locations for this add-on are shown below, and depend on whether the application is deployed to a Common Runtime region or Private Space. Learn More
|Region||Available||Installable in Space|
Need a larger plan? Let our customer success team help! Learn more.
To provision, copy the snippet into your CLI or use the install button above.