Vulnerability scanning platform

Find vulnerabilities before attackers do.

SecurityLayer gives your team continuous, automated security scanning across websites, servers, networks, and APIs — powered by industry-leading open-source scanners, managed for you.

Start for free See pricing

First target always free · No credit card required · Scale to 500+ targets

7 Critical

23 High severity

48 Targets monitored

94.2 Avg health score

CVE-2024-3094 · Open Critical

XZ Utils backdoor — remote code execution via liblzma

api.example.com · OpenVAS · CVSS 10.0

CVE-2024-21762 · Open High

FortiOS out-of-bounds write in SSL VPN

vpn.example.com · Nuclei · CVSS 9.8

Nmap
OpenVAS
OWASP ZAP
Nuclei
SSLyze
WPScan

Everything you need to secure your infrastructure

Multiple scanners, one platform. Detect, track, and fix vulnerabilities across your entire attack surface.

Network vulnerability scanning

Detect CVEs, misconfigurations, and weaknesses across your servers and infrastructure using OpenVAS and Nuclei.

Web application scanning

Find XSS, SQL injection, and OWASP Top 10 vulnerabilities in your web applications with OWASP ZAP.

SSL/TLS analysis

Verify certificate validity, cipher suites, and protocol versions. Catch expiring certs before they cause outages.

Port scanning

Discover open TCP/UDP ports and running services with Nmap. Know your exposed attack surface at all times.

CVSS scoring & dashboards

Every vulnerability scored by severity. Real-time dashboards give you instant visibility into your security posture.

Compliance reporting

Map scan results to SOC 2, ISO 27001, GDPR, and more. Generate audit-ready PDF reports in one click.

Automated scheduling

Set daily, weekly, or custom scan schedules. Get alerted instantly when new critical vulnerabilities are found.

API & integrations

REST API, webhooks, Slack notifications, and cloud provider integrations. Fits into your existing workflow.

Up and running in minutes

From signup to your first scan results in three simple steps.

1

Create your workspace

Sign up and name your workspace. Invite team members with granular role-based permissions.

2

Add your targets

Add websites, servers, networks, or APIs. Group them for organised scanning and reporting.

3

Run your first scan

Choose your scanner and hit go. Results appear in real time with actionable remediation guidance.

Simple, transparent pricing

First target always free. No hidden fees. Cancel anytime.

Basic

$49 /month

5 targets included

Nmap, SSLyze, Nuclei scanners
Scheduled scanning
Email alerts
CVSS scoring & dashboards
Compliance reporting
Unlimited team members
Cloud integrations

Get started free

Premium

$109 /month

5 targets included

Everything in Basic
OWASP ZAP web scanning
Authenticated scans
Internal network scanning
Developer API & webhooks
CSV export
Custom email recipients

Start free trial

Professional

$189 /month

5 targets included

Everything in Premium
OpenVAS network scanning
White-label reports
SAML 2.0 SSO
Role-based access controls
Priority support
Multi-client workspaces

Contact sales

All plans include unlimited team members. Additional targets available at per-target rates.

Built for teams at every stage

Whether you're a startup or an enterprise, SecurityLayer scales with you.

Small teams & startups

Enterprise-grade scanning without the enterprise price tag
Automated scheduling means you focus on building
Meet SOC 2 requirements as you grow
One free target permanently — no credit card

Growing & enterprise teams

Multi-workspace support and RBAC
SAML SSO and white-label reporting for MSPs
API-first design integrates with your security toolchain
Manage hundreds of targets across clients

Security and control

Your security data deserves the highest protection.

Encryption at rest and in transit

All data encrypted with AES-256 at rest and TLS 1.3 in transit. Scan credentials stored with application-level encryption.

Role-based access controls

Owner, admin, member, and viewer roles. Scope permissions per workspace for complete team control.

Full tenant isolation

Workspace data is logically isolated. No cross-tenant data access. Audit logs track every action.

Frequently asked questions

Everything you need to know about SecurityLayer.

What scanners does SecurityLayer use?

We use industry-leading open-source scanners: Nmap for port scanning, SSLyze for SSL/TLS analysis, Nuclei for template-based scanning, OWASP ZAP for web application testing, OpenVAS for network vulnerability scanning, and WPScan for WordPress sites.

How does the free tier work?

Every account includes one free target permanently. No credit card required to get started. You can run all available scan types against your free target with no time limit.

Can I scan internal networks?

Yes, with our Premium plan and above. Deploy our lightweight Linux agent behind your firewall to scan internal infrastructure. The agent polls SecurityLayer for jobs and posts results back securely.

What compliance frameworks do you support?

SecurityLayer maps scan results to SOC 2 Type II, ISO 27001, GDPR, CCPA, and TPN (Trusted Partner Network) controls. Generate audit-ready evidence reports with one click.

Do you support authenticated web scanning?

Yes, Premium plans and above support authenticated scanning using recorded login sessions, session cookies, or custom HTTP headers. This allows scanning behind login forms.

Can I import results from other tools?

Yes, you can import vulnerability data from Snyk, GitHub Dependabot, and other tools via CSV or JSON. All imported results are normalised and tracked alongside scanner-detected vulnerabilities.

Is there an API?

Yes, Premium plans include full REST API access with API key authentication. Trigger scans, retrieve results, manage targets, and integrate with your CI/CD pipeline. Webhooks are also available for real-time event notifications.

How does scheduling work?

Set scans to run daily, weekly, or on a custom cron schedule. SecurityLayer automatically runs the scan and alerts you via email or Slack if new critical or high severity vulnerabilities are found.

Can I white-label reports?

Professional plans include custom branded reports. Upload your logo, set brand colours, and generate PDF reports with your company branding for client delivery.

Do you support SSO?

Professional plans include SAML 2.0 single sign-on support, compatible with Okta, Azure AD, Google Workspace, and other SAML identity providers.

How many team members can I add?

All plans include unlimited team members at no extra cost. Administrators, viewers, and members are all free. You only pay per target scanned.

Where is my data hosted?

SecurityLayer infrastructure is hosted in secure data centres with full encryption at rest and in transit. Contact us for specific data residency requirements.

Ready to secure your infrastructure?

Create your account in under two minutes. Your first target is always free.

Get started free Talk to us first