Skip to content
Back to ScanSentinel
ScanSentinel

Documentation

Everything you need to know about using ScanSentinel to protect your domains.

Getting Started

  1. Sign up — Create an account to get started. Every account gets a Free plan with 3 domains and 10 scans per month.
  2. Add a domain — Navigate to the Domains page and enter the domain you want to monitor.
  3. Verify ownership — Confirm you control the domain by adding a DNS TXT record or uploading a verification file. This takes less than a minute.
  4. Run a scan — Once verified, trigger your first scan. Results appear within seconds.
  5. Review findings — Each finding includes a severity level, description, and actionable remediation guidance.

Scan Types

ScanSentinel runs multiple security checks against each domain. You can choose the scan depth:

Quick

SSL certificate check and HTTP security headers. Best for a fast health check.

Standard

Quick checks plus open ports, email security (SPF/DKIM/DMARC), and TLS configuration.

Deep

Full scan including exposed admin panels, CMS vulnerability detection, and sensitive path discovery.

Available checks:

  • SSL / TLS — Certificate validity, expiry warnings (30 and 90 days), issuer and subject details.
  • HTTP Headers — Checks for HSTS, CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, and more.
  • Open Ports — Probes common ports (FTP, SSH, SMTP, MySQL, PostgreSQL, Redis, MongoDB, etc.) and flags unexpected services.
  • Email Security — Verifies SPF, DKIM, and DMARC DNS records to protect against domain spoofing.
  • TLS Configuration — Tests TLS 1.0–1.3 support and detects weak ciphers (RC4, DES, 3DES).
  • Exposed Interfaces — Discovers exposed admin panels, debug endpoints, configuration files, and backup archives.
  • CMS Vulnerabilities — Detects CMS installations (WordPress, Drupal, Joomla) and checks for known vulnerabilities.

Security Score

Each scan produces a security score from 0 to 100, with a corresponding letter grade (A through F). The score is calculated based on the number and severity of findings across all enabled scanners. Higher scores indicate a stronger security posture.

The Dashboard shows your overall score across all domains. Drill into individual domains to see per-scanner breakdowns and historical trends.

Alerts & Notifications

When a scan detects a high or critical finding, ScanSentinel creates an alert and can notify you via email or webhook. You can configure which notifications you receive from the Settings page.

Email notifications available:

  • Critical scan alerts
  • SSL certificate expiry warnings
  • Domain ownership verification confirmation
  • Scan completed summaries
  • Weekly digest (opt-in)

Webhook events:

  • scan.completed — A scan finishes successfully.
  • alert.created — A new high/critical finding is detected.
  • domain.verified — Domain ownership is confirmed.
  • subscription.updated — Billing plan changes.

Plans & Limits

Free

Up to 3 domains, 10 scans/month, 60-minute cooldown between scans. SSL, Headers, and Ports scanning.

Pro — £29/month

Up to 25 domains, 100 scans/month, daily scheduled scans. Adds TLS Config and Web Path discovery.

Business — £99/month

Unlimited domains, unlimited scans, real-time monitoring. Adds Email Security, Credentials detection, and CMS vulnerability scanning.

Upgrade or downgrade anytime from the Billing page. Self-serve checkout is available for Pro and Business plans via Stripe.

Scheduled Scans

Pro and Business plans support automated scanning on a daily, weekly, or monthly schedule. Configure schedules per domain from the Domain detail page. The platform runs scheduled scans automatically and alerts you when issues are found.

Pro plans support weekly and monthly schedules. Business plans add daily scheduling and real-time triggering.

Team Management

Invite team members to collaborate on your tenant. Each member gets a role that controls what they can access:

  • Owner — Full access including billing, team management, and settings.
  • Admin — Can manage domains, scans, alerts, webhooks, and settings.
  • Member — Can add domains, run scans, and view results.
  • Viewer — Read-only access to the dashboard and reports.

Manage your team from the Team page. Invitations expire after 7 days.

Reports

Generate PDF security reports with executive summaries, severity breakdowns, and remediation guidance. Reports are available from the Reports page and can be shared with stakeholders or attached to compliance documentation.

API & Webhooks

ScanSentinel exposes API endpoints for programmatic access. Webhooks deliver real-time event notifications to your own systems.

Configure webhook endpoints from the Integrations page. Each endpoint can be filtered by event type and enabled or disabled as needed. Pro plans support up to 10 endpoints; Business plans have no limit.

Get started free