Help Center

How can we help?

Common questions about Scantient. Can't find what you're looking for? Contact us.

Getting started

How do I add an application to monitor?

After signing in, go to your Dashboard and click 'Add App'. Enter the public URL of the application you want to monitor. Scantient will immediately run an initial security scan and begin continuous monitoring.

What does Scantient actually scan?

Scantient performs HTTP-based security checks including: security headers (CSP, HSTS, X-Frame-Options), exposed API keys or credentials in JavaScript, client-side authentication bypass patterns, CORS misconfiguration, cookie security settings, SSL certificate validity and expiry, open redirects, information disclosure, and dependency exposure signals.

Does Scantient need access to my source code?

No. Scantient operates entirely from the outside, the same way an attacker would. We scan your app's public endpoints without requiring a code integration, repository access, or deployment pipeline changes.

How long does a scan take?

Initial scans typically complete in 30–90 seconds depending on the application. Continuous scans run in the background on your configured schedule (default: every 6 hours).

Security & findings

What do the severity levels mean?

Critical: Immediate action required - active vulnerability that could lead to data breach or takeover. High: Fix within 24–48 hours. Medium: Remediate in current sprint. Low: Informational - address when possible. Info: Best-practice improvement, no active risk.

I got a false positive. What do I do?

Open the finding and click 'Mark as False Positive'. We'll ask for a brief note explaining why. False positives are reviewed by our team to improve scanner accuracy. The finding will be suppressed from your score and future reports.

Why does my app have a low security score if nothing looks broken?

Security score reflects missing protections, not only active vulnerabilities. Missing security headers, absent Content-Security-Policy, or cookies without Secure/HttpOnly flags all reduce your score even if no active attack is occurring. These gaps make your app easier to exploit.

Billing & account

How does the 14-day free trial work?

You get full access to all features for 14 days, no credit card required. At the end of the trial you can choose a plan or your account will revert to a read-only view of your scan history.

Can I change plans at any time?

Yes. You can upgrade or downgrade at any time from Settings → Billing. Upgrades take effect immediately; downgrades take effect at the next billing cycle.

Do you offer discounts for nonprofits or educational institutions?

Yes. Contact us at support@scantient.com with verification and we'll apply a discount to your account.

Still have questions?

Our team typically responds within one business day.

Contact support View API docs