Get Started with Threatspy
Welcome to Threatspy! Follow the steps below to secure your web applications and APIs with AI-powered continuous security testing.
Step 1: Sign In
Log in to your Threatspy account using your registered credentials.
> New to Threatspy? Create an account, verify your email address, and schedule your onboarding session to activate your account.
Step 2: Connect Your Asset
Create a new application by connecting the asset you want to secure.
Threatspy currently supports:
- π Web Applications
- π APIs
Provide the required application details, environment information, and target URL to start your security assessment.
Step 3: Customize the Scanner
Configure the scanner to align with your application environment for more accurate security testing.
You can customize:
- Scan scope
- Common port scanning
- Ports to exclude
- OWASP Top 10 security categories
- S3 bucket assessment
- Environment-specific scan preferences
Tailoring the scan configuration helps improve coverage while minimizing unnecessary tests.
Step 4: Run Your Scan
Launch your security scan using any of the supported methods:
- βΆοΈ Manual Scan β Start an on-demand scan directly from the Threatspy dashboard.
- β° Scheduled Scan β Automate recurring scans at your preferred frequency.
- π CI/CD Integration β Trigger scans automatically from your development pipeline.
Threatspy continuously analyzes your application to identify security vulnerabilities and misconfigurations.
Step 5: Analyze Your Findings
After the scan completes, review all findings from the Vulnerabilities Dashboard.
Each vulnerability includes:
- Risk severity and CVSS score
- AI-powered contextual analysis
- Technical details and affected endpoints
- Business impact
- Evidence and proof of detection
- Developer-focused remediation guidance
Use AI Review to better understand exploitability, attack paths, and overall business risk.
Step 6: Generate Security Reports
Export professional security reports in PDF format for developers, security teams, customers, and compliance requirements.
Available report formats:
- π Comprehensive Report (Executive + Developer)
- π» Developer Report
Reports include vulnerability details, AI insights, remediation guidance, and overall security posture.
Step 7: Collaborate with Your Team
Invite team members to collaborate securely within your organization.
Manage:
- User roles and permissions
- Organization members
- Team access
- Administrative privileges
Enable seamless collaboration between developers, security engineers, DevOps teams, and management.
Step 8: Launch Remediation Campaigns
Create campaigns to manage and track vulnerability remediation across your organization.
Campaigns help you:
- π― Assign vulnerabilities to team members
- π Prioritize remediation efforts
- β±οΈ Track SLA compliance
- π Monitor remediation progress
- β Measure overall fix status
Step 9: Automate Your Security Workflow
Build Playbooks to automate repetitive security operations and accelerate remediation.
Playbooks enable you to:
- Create tickets automatically
- Assign vulnerabilities to the appropriate teams
- Trigger actions in connected workflow platforms
- Standardize remediation processes
- Reduce manual effort across security operations
Secure Every Release with Threatspy
Threatspy empowers development, security, and DevOps teams to continuously discover, prioritize, and remediate application security vulnerabilities throughout the software development lifecycle. Integrate security into every release with AI-powered insights, automated workflows, and developer-first remediation.