Detectify was integrated by Mindflow to enable users to automate their incident management and better protect their information system.
Detectify is a web app scanner powered by ethical hacker research. It scans your system for vulnerabilities, and it’s available as an Internal scanner for applications under development; and an External vulnerability scanner for IT operations teams.
Most vulnerability scanners look for well-known exploits, such as SQL injection. Detectify has a different approach. It has created an agency, CrowdSource, to reap the research of “white hat hackers” and discover new weaknesses.
Anyone can register and then report a security weakness. Suppose that weakness isn’t already covered in the Detectify library. It gets added, and the contributor earns a fee every time that flaw is discovered in a client system during a vulnerability scan. Detectify has a permanent bug bounty system operating, it doesn’t pay a lump sum, but a commission, a rarely encountered exploit, doesn’t cost them anything.
Thanks to that system, Detectify constantly adds to its list of known vulnerabilities, and it doesn’t share these with the broad cybersecurity industry. Penetration testers only get paid if they discover a new exploit.
As a middleman, Detectify has eradicated the high cost of research and passed the risk of never recovering research costs to individual technicians.
Detectify offers three plans:
The Deep Scan system is suited to DevOps. It offers on-demand, scheduled, and continuous scanning, ideal for integration into a CI/CD pipeline. The scanner can be invoked either for an on-demand run or through an autodiscovery process.
Asset Monitoring is an external scanning service that doesn’t rely on dynamic testing strategies. It catches vulnerabilities that a DAST method would miss. The user inserts a URL into a field in the dashboard and then turns on automatic scanning. The vulnerability manager will start a discovery service that chains through all pages in a given website and identifies all components. It then looks for the location of those services and scans them for lower layers of supporting functions. This recursive process continues until all supporting infrastructure has been traced.
By integrating with Detectify, Mindflow allows users to have a different approach to security, thanks to CrowdSource, to reap the research of “white hat hackers” and discover new weaknesses.