Documentation
Welcome to Comptrusence documentation. This guide will help you get started with automated vulnerability scanning
for your Australian business.
New to Comptrusence?
Start with our Quick Start Guide to run your first scan in under 5 minutes.
Quick Start
Get up and running with Comptrusence in three simple steps:
1
Create Account
Sign up for free at comptrusence.com. No credit card required for the starter plan.
2
Add Your Domain
Enter your website URL in the dashboard and verify domain ownership.
3
Run Your Scan
Click "Start Scan" and receive comprehensive vulnerability reports in minutes.
Domain Verification
To verify domain ownership, add a TXT record to your DNS:
comptrusence-verify=a1b2c3d4e5f6g7h8i9j0
Your unique verification code will be provided in the dashboard.
Dashboard Overview
Your dashboard provides a comprehensive view of your security posture:
Key Metrics
- Security Score - Overall security rating from 0-10
- Vulnerabilities Found - Count by severity (Critical, High, Medium, Low)
- Compliance Status - Essential Eight maturity level
- Last Scan Date - Timestamp of most recent scan
- Scan History - Trend analysis over time
Dashboard Features
Trend Analysis
Track security improvements over time with visual graphs.
Real-time Alerts
Instant notifications for critical vulnerabilities.
Export Reports
Download PDF reports for audits and compliance.
Team Management
Collaborate with team members and assign roles.
Running Scans
Scan Types
| Scan Type |
Duration |
Coverage |
Best For |
| Quick Scan |
5-10 minutes |
Common vulnerabilities |
Daily monitoring |
| Standard Scan |
20-30 minutes |
Comprehensive assessment |
Weekly/monthly audits |
| Deep Scan |
1-2 hours |
Advanced threats, code analysis |
Quarterly reviews |
What We Scan For
- SQL Injection
- Cross-Site Scripting (XSS)
- CSRF Vulnerabilities
- Outdated Software/Libraries
- SSL/TLS Configuration
- Security Headers
- Directory Traversal
- Authentication Weaknesses
Note: Scans are designed to be non-intrusive and will not impact your website performance.
Understanding Reports
Severity Levels
CRITICAL
Immediate action required - active exploitation possible
HIGH
Patch within 48 hours - significant security risk
MEDIUM
Address within 2 weeks - moderate security concern
LOW
Review and remediate - best practice improvement
Report Sections
High-level overview with security score, risk summary, and compliance status. Perfect for board presentations.
Technical details of each vulnerability including CVE references, affected components, and exploitation scenarios.
Step-by-step instructions for fixing each vulnerability, prioritised by severity and impact.
How findings map to Essential Eight, Privacy Act, and APRA CPS 234 requirements.
API Reference
Integrate Comptrusence scanning into your CI/CD pipeline or custom applications.
Authentication: All API requests require an API key. Generate yours in Settings → API Keys.
Base URL
https://api.comptrusence.com/v1
Example Endpoints
POST
/scans
Initiate a new security scan
POST /v1/scans
Content-Type: application/json
Authorization: Bearer YOUR_API_KEY
{
"domain": "example.com.au",
"scan_type": "standard",
"notify": true
}
{
"scan_id": "scn_a1b2c3d4e5",
"status": "queued",
"estimated_completion": "2025-02-05T14:30:00Z"
}
GET
/scans/{scan_id}
Retrieve scan results
GET /v1/scans/scn_a1b2c3d4e5
Authorization: Bearer YOUR_API_KEY
{
"scan_id": "scn_a1b2c3d4e5",
"status": "completed",
"security_score": 7.2,
"vulnerabilities": {
"critical": 2,
"high": 5,
"medium": 8,
"low": 12
}
}
Rate Limits
| Plan |
Requests/Hour |
Concurrent Scans |
| Free |
10 |
1 |
| Professional |
100 |
5 |
| Enterprise |
Unlimited |
Unlimited |
Integrations
Connect Comptrusence with your existing tools and workflows.
Slack
Receive instant vulnerability alerts in your Slack channels.
Configure
Email
Automated email reports for your team and stakeholders.
Configure
GitHub
Integrate with GitHub Actions for automated security checks.
Configure
Webhooks
Custom webhooks for advanced integration scenarios.
Configure
Best Practices
Scan Frequency
- Production websites: Run standard scans weekly, deep scans monthly
- Development sites: Quick scan before each deployment
- After updates: Scan within 24 hours of major software updates
Remediation Priority
- Address Critical vulnerabilities immediately (within 24 hours)
- Fix High severity issues within 48 hours
- Schedule Medium issues for next sprint/release
- Batch Low severity improvements for quarterly reviews
Team Collaboration
- Assign vulnerabilities to specific team members
- Track remediation progress in the dashboard
- Share reports with stakeholders and auditors
- Set up notifications for critical findings
Frequently Asked Questions
Comptrusence provides continuous automated scanning at a fraction of the cost of manual pen testing.
While manual testing remains valuable for complex scenarios, our platform offers 24/7 monitoring and
catches common vulnerabilities immediately.
No. Our scans are designed to be non-intrusive with rate limiting and intelligent throttling.
Most websites experience no noticeable performance impact during scans.
Yes. All scanning infrastructure and data storage is hosted in Australian data centres (Sydney region)
to meet data sovereignty requirements.
Enterprise plans include on-premise scanning agents for internal networks and applications not
accessible from the internet. Contact sales for details.
Our vulnerability database is updated within hours of new CVE disclosures. Scheduled scans automatically
check for newly discovered vulnerabilities affecting your stack.
Need Help?
Our Australian-based support team is here to help you succeed.
