SiteWatch

Security assessment workspace

Run authorized security assessments against verified assets — track findings across scans, compare results over time, and generate client-ready reports.

Passive validation Quick scans Full scans ZAP import Client reports
Scoped assets Ownership verification Evidence-based findings Exportable reports
Assets 0
Scans 0
Findings 0
Critical / High / Medium / Low 0 / 0 / 0 / 0

Register Asset

Add a hostname you are authorized to assess

Defines the authorized target scope and unlocks scan eligibility for that hostname.

Authorized Scan

Queue a security assessment

Controls which tools and modes are allowed to run — gated by verification status.

Select an asset and scanner. Unavailable tools stay visible so you can tell what still needs to be installed.

Safe Validation

Run an authorized validation check

Assets

Inventory and verification state

Tracks verified ownership and the legal scan boundary for each target hostname.

Select any row to open asset detail and verification instructions.

Asset Scope Verification Latest Scan Scanner Findings

Asset Detail

Verified asset and scope controls

🔒

Select an asset from the table to view its verification status, ownership proof instructions, and scan controls.

Verified assets unlock quick and full scan modes.

OWASP ZAP

Import a JSON report

Ingests findings from an external ZAP scan — labeled as imported, not natively observed.

Authentication

Auth profiles

Credential sets used to reach authenticated surfaces — requires a verified asset before attachment.

Authentication

Create an auth profile

Search Findings

Filter by asset, severity, or keyword

Authorized Scans

Assessment history and status

Full audit trail of all assessments — with status, findings, and change tracking across runs.

Remediation Report

Security assessment findings, outputs, and exports

Translates raw scan output into prioritized guidance — and into client-ready deliverables.

📋

Select a completed scan from the list above to load its full report, findings breakdown, and comparison diff.

Use "Generate Client Report" to transform any scan into a shareable, professional deliverable.

Scan Schedules

Recurring assessments

Set up automatic scan scheduling for continuous security monitoring of your assets.

Active Schedules

Manage recurring scans

Security Alerts

Finding changes and notifications

Tracks new findings detected and previously reported findings that are now resolved.

Ticketing Integrations

Connect to your issue tracker

Link findings to Jira or GitHub Issues to track remediation work. Tokens are stored server-side and never exposed to the browser.

Notification Channels

Alert delivery

Send alerts to Slack, Microsoft Teams, or a custom webhook when critical findings are detected, findings are resolved, or scans fail.