A non-developer with a WordPress hosted website's take on Deep Scanning with Detectify
What do you like best?
The Deep Scan was impressively easy to use once I got through the asset verification process. The scan itself took a long time (about 7 hours), but I was very pleased to see all of the vulnerabilities laid out clearly and ranked by severity.
As a nonprofit organization where I am the only person managing the website, this is a game-changer in terms of securing our web presence. The Deep Scan showed vulnerabilities that I never would have known about without it. I also appreciate that each vulnerability links to more information, giving me the best possible chance to fix these issues on my own.
What do you dislike?
I had a little trouble getting verified at the beginning and the instructions weren't very helpful on how to use a DNS text record (more specifically, I didn't know to use "@" under host so it wasn't working properly). Maybe that is because the target audience should already know how to do this?
I'm not a developer (although I do have some programming experience), so I'm not 100% certain I will be able to make all of the necessary changes. I could see that being an issue for other organizations that lack a person with any technical know-how.
Recommendations to others considering the product:
Detectify will help you identify potential areas where your website is vulnerable, but you will likely need a developer or security expert to help implement the needed fixes.
What problems are you solving with the product? What benefits have you realized?
I am using the vulnerability report to research ways to make our website more secure. Our website has been hacked many times over the past year, and Detectify allows me to clearly see where the potential problems are. These are issues that I would not have been able to identify on my own.
