Reliable security assessments for a secure website

  • We are IT security experts that help you secure your web applications
  • We use proven hacking methods and techniques, used by real hackers
  • Schedule a security assessment within a few minutes
  • Manual and automated tests combined


  All Vulnerabilities

No stone is left unturned. We check for all types of vulnerabilities such as SQL injections, Cross Site Scripting, weak passwords, hidden files and much more.

  Schedule your Scan

Request your security assessment now and your scan will be scheduled within 3 working days.


Availability of multiple report formats, including comprehensive developer reports, concise management reports, NCSC guidlines and PCI Security standard compliance reports.

  Security Experts

Scans are conducted by trained and certified IT security experts with years of experience.


Cost-efficient re-assessments. A minor update of the web application code or adjustment to a single web server setting could cause new vulnerabilities. Have your web application frequently checked.

  Trustmark Logo

Show your website visitors you highly value data security. The trustmark logo links to Web Security Scan acknowledging your web application is actively being scanned.


Support for all web technologies such as PHP, ASP, JAVA, HTML5, SOAP, XML, JSON, etc.

  Ethical Hacking

Using actual hacking methods, techniques and software potential threats and vulnerabilities are identified.

  Track Record

Having supported dozens of public, non-public, commercial and non-profit organizations, Web Security Scan has established a succesfull track record.

Why Web Security Scan?

64% of all websites are vulnerable

Research shows that a stunning 64% of all web sites/web applications contain vulnerabilities. Cross-Site Scripting and Information Leakage prove to be most frequent vulnerabilities in the applications. The graph below shows the probability that a vulnerability class is encountered at least once in a web site.

Vulnerability table

Recommended by the Dutch National Cyber Security Centre

The National Cyber Security Centre of the Dutch government (NCSC) state in their ICT security guidelines for web applications (IBW under section B3-15) that an (automated) blackbox scan must be carried out periodically. The recommendation has been marked as high priority.

A blackbox scan emulates a hacker's approach the best, since the scanner has no knowledge beforehand about the web application that will be tested for vulnerabilities. Tools to perform blackbox scans are known as Web Application Scanners (WAS). A WAS performs a large number of tests on a web application, e.g. tests for several variants of SQL injection and XSS.