IT & Cyber Security Services icon

Vulnerability Scanning & Security Check

AppCheck is a web application and external infrastructure vulnerability scanning tool that allows users to automate the discovery of security flaws within their network perimeter quicker, easier and more accurately.


AppCheck is a leading web application, and internal and external infrastructure vulnerability scanning tool (automated Penetration Testing) that allows users to automate the discovery of security flaws within their network perimeter and internal network quicker, easier and more accurately.

AppCheck bridges the gap between manual and automated penetration testing by offering a unique scripting solution which maps and tests user work flows, thus ultimately mapping a much larger attack surface and identifying more flaws. The solution also gives logical and easy to follow remedial steps.

Due to 40% of breaches coming through the web application and with the threat landscape continuously changing, testing applications for vulnerabilities on a regular basis is a must and mitigates that risk of exploitation. AppCheck allows users to run an unlimited amount of assessments either when a new vulnerability is published, when changes are made to an application, through the development life cycle or for periodic testing, giving organisations that peace of mind they’re being proactive with their security testing.

As a trusted partner of Intrasource, AppCheck is able to offer its members a free assessment against a website and external infrastructure target of their choice, highlighting any vulnerabilities that may exist along with remediation advice.

AppCheck is built by a team of UK based CHECK and Crest accredited Penetration Testers and unlike most SaaS vulnerability scanners, AppCheck deploys both lexical and browser based analysis of each assessed application component to ensure modern JavaScript heavy and Flash based applications are fully explored for vulnerabilities.


This technology allows AppCheck to detect security flaws in components other scanners will fail to detect.

Key Features:

  • Access sophisticated scanning and exploit technology designed by experienced penetration testers
  • Provides a single platform to identify and manage web application and infrastructure risks
  • Offers accurate discovery and analysis of ‘Rich’ Internet Applications via a combined network and browser based scanning engine
  • Supports complex multistage applications and authentication schemes
  • Confirms vulnerabilities through safe exploitation to eradicate false positives and provide proof of concept
  • Detects critical web application security flaws, as defined by the OWASP Top Ten, e.g. SQL and XSS
  • Supports security strategy with fast, intelligent web crawling and exceptional detection rates
  • Assign and prioritise each vulnerability’s remediation to nominated members of your team using AppCheck’s workflow management system
  • Schedule scans to run at any given date and time. Scan at regular recurring intervals with email notification
  • Generates reports in Microsoft Word and CSV. PCI and UK Government PSN compatible formats

Advanced Features Include:

  • Multiple crawling technologies to accurately identify application components even in JavaScript and Flash rich applications.
  • Decompilation and static analysis of Adobe Flash files
  • Advanced detection of DOM based Cross Site Scripting (XSS) vulnerabilities through JavaScript taint analysis.