Scanner Information

How to identify and manage SecPortal scanner traffic

What is SecPortal's Scanner?

SecPortal provides active security testing features to its users, including vulnerability scanning, SSL/TLS checks, HTTP header analysis, and attack surface discovery. These scans are non-intrusive and designed to identify security issues without causing disruption to target systems.

Scans are only performed against domains that have been verified by a SecPortal user through our domain ownership verification process. Users must prove they own or are authorised to test a domain before any scanning can take place.

How to Identify Our Scanner

All SecPortal scanner traffic can be identified by:

User-Agent

SecPortal-Scanner/1.0 (+https://secportal.io/scanner-info)

Verification Requests

SecPortal-Verifier/1.0 (+https://secportal.io/scanner-info)
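One way to pick out these two User-Agent strings in web server access logs, as an added example rather than SecPortal's own code. It assumes Combined Log Format and matches on the product token before the version number (an assumption, so that a later version would still match); the sample log lines are constructed.

```python
import re
from collections import Counter

# Product tokens taken from the User-Agent strings published on this page.
# Matching only the part before the version number is an assumption.
AGENTS = {
    "SecPortal-Scanner/": "scanner",
    "SecPortal-Verifier/": "verifier",
}

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(ua):
    """Return 'scanner', 'verifier', or None for a User-Agent string."""
    for token, kind in AGENTS.items():
        if ua.startswith(token):
            return kind
    return None

def summarise(lines):
    """Count SecPortal requests per (kind, source IP); skip unparseable lines."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        kind = classify(m.group("ua"))
        if kind:
            counts[(kind, m.group("ip"))] += 1
    return counts

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
UA_S = "SecPortal-Scanner/1.0 (+https://secportal.io/scanner-info)"
UA_V = "SecPortal-Verifier/1.0 (+https://secportal.io/scanner-info)"
SAMPLE = [
    f'203.0.113.10 - - [12/Mar/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "{UA_S}"',
    f'203.0.113.10 - - [12/Mar/2025:10:00:02 +0000] "HEAD / HTTP/1.1" 200 0 "-" "{UA_S}"',
    f'198.51.100.7 - - [12/Mar/2025:09:58:40 +0000] "GET / HTTP/1.1" 200 64 "-" "{UA_V}"',
    '192.0.2.44 - - [12/Mar/2025:10:01:15 +0000] "GET / HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    "truncated or malformed line",
]

if __name__ == "__main__":
    for (kind, ip), n in sorted(summarise(SAMPLE).items()):
        print(f"{kind:9} {ip:15} {n}")
```

The User-Agent header is set by the client, so a match shows what a request claims to be, not who sent it.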

What Our Scanner Checks

SecPortal's scanner performs non-intrusive checks including:

  • SSL/TLS certificate validity and configuration
  • HTTP security headers (HSTS, CSP, X-Frame-Options, etc.)
  • Open port detection on common service ports
  • DNS configuration analysis
  • Subdomain enumeration (paid plans only)
  • Known vulnerability detection based on service banners

Our scanner does not perform:

  • Exploitation of vulnerabilities
  • Brute-force password attacks
  • Denial-of-service testing
  • Data exfiltration or extraction
  • Any form of destructive testing

Our Safeguards

We take the following measures to prevent misuse:

  • Domain verification required: Users must prove domain ownership via DNS TXT record, file upload, or HTML meta tag before any scanning.
  • Legal attestation required: Users must sign a legally binding attestation confirming their authorisation to test, recorded immutably with IP and timestamp.
  • Rate limiting: Scan frequency is limited by plan tier and per-domain rate limits.
  • Blocklist: Government, military, critical infrastructure, and cloud provider management domains are blocked.
  • Audit trail: All scan activity is logged with full attribution.

Report Unauthorised Scanning

If you believe your systems are being scanned by SecPortal without your authorisation, please contact us immediately:

Email: legal@secportal.io

Please include: the domain being scanned, approximate time of activity, and any relevant logs or evidence.

We investigate all reports within 24 hours and will immediately suspend scanning against the reported domain pending review. For more details, see our Acceptable Use Policy.