After you complete this step, Lupasafe will identify risks for you on your websites. Lupasafe will monitor for vulnerabilities on webpages (OWASP), ports (portscan), encryption strength & certificate (SSL/TLS) and security for visitors  of the site(security headers).


To get started, make sure you are logged on to your Lupasafe dashboard at https://portal.lupasafe.com.



Add your domains (websites)

There are three ways to add domains to Lupasafe for scanning: (1) entering manually, (2) importing a file or (3) using the FIND SUBDOMAINS function.


Add a domain: manually or via FIND SUBDOMAINS

Click Start -> Scan a domain

The following screen shows up to


You can enter a single domain directly or look it up in the DNS register via "Find subdomains". This functions does a search for you. A great way to find 'shadow IT'.


To scan multiple domains, you also click Start and go down to 'Scan Multiple Domains':

The following screen appears:

Download the template, open it in Excel for example and add all your domains.

Select import type: "Domain Scan Import" and press "Upload".


The back-end will receive the file, perform a few tests and you can refresh this screen to see the status.



What to expect from scanning

The domain name(s) will be scanned twice a day for any of the known system vulnerabilities. It will also be tested against all known web application vulnerabilities once a week. You can find a list of vulnerabilities that Lupasafe tests here OWASP ZAP


After adding a domain name is takes a few hours to perform all tests. You will be alerted of high risks via e-mail.

You can download a CSV template to see the format required. Select 'Domain Scan Import' under import type and press Upload. The domain names will be scanned twice a day for any of the known system vulnerabilities. It will also be tested against all known web application vulnerabilities. You can find a list of vulnerabilities that Lupasafe tests here OWASP ZAP


After adding a domain name is takes a few hours to perform all tests. You will be alerted of high risks via e-mail.


Here the view for our business as an example.

ES = Risks found on webpages (0 = low, 100 = very high)

SSL/TLS = encryption (1 = bad, 10 = outstanding)

Security header score (1= bad, 10 = outstanding)

Hosting provider is also shown. 

You can click on any domain name to see open ports, vulnerabilities and other scores.


The dashboard (button top left) has detailed information.