Frequently Asked Questions

Everything you need to know about VigilFlux AI-powered security testing.

What types of vulnerabilities does VigilFlux detect?
VigilFlux tests for SQL injection, cross-site scripting (XSS), open ports and exposed services, outdated software with known CVEs, server misconfigurations, default credentials, directory traversal, and more. The Nuclei agent alone covers thousands of vulnerability templates from the community-maintained database.

How does VigilFlux work?
VigilFlux deploys 7 AI-powered security agents in a coordinated pipeline. First, 3 reconnaissance agents (port scanner, subdomain enumerator, technology fingerprinter) run in parallel to map your attack surface. An AI supervisor analyzes the recon results and intelligently routes to the relevant specialist agents (SQL injection, XSS, Nuclei, Nikto) for targeted vulnerability testing. Results are aggregated into a scored security report.

Is VigilFlux safe to use on production websites?
Yes. VigilFlux requires domain ownership verification before scanning, preventing unauthorized use. Scan aggression levels are configurable, and the default mode avoids destructive testing. The AI supervisor filters out potentially dangerous test cases that could impact availability.

How does VigilFlux compare to Burp Suite, OWASP ZAP, or Nessus?
VigilFlux is designed for automation and developer-friendliness. While Burp Suite and ZAP are powerful manual tools for security professionals, VigilFlux is built for developers and teams who want automated, AI-orchestrated scanning without needing deep security expertise. It combines multiple tools (Nmap, Nuclei, Nikto, custom agents) into a single intelligent pipeline that takes under 5 minutes to set up.

Can I scan any website?
No. You can only scan domains you own and have verified through one of three methods: DNS TXT record, HTML meta tag, or file upload verification. This ensures ethical scanning practices and prevents abuse.

How much does VigilFlux cost?
VigilFlux offers a generous Free plan with 3 scans per month, 1 domain, and all 7 AI agents included. The Pro plan is $49/month ($39/month billed annually) with unlimited scans, unlimited domains, API access, and priority queue. Enterprise pricing is custom with SSO, SLA, and on-premise deployment options.

What is the risk score?
The risk score is a 0-100 health score where 100 means no vulnerabilities found and 0 means critical issues detected. It is calculated based on the number, severity, and type of findings. Scores are categorized as: Safe (90-100), Low Risk (70-89), Medium Risk (40-69), High Risk (20-39), and Critical (0-19).

How long does a scan take?
A typical quick scan completes in under 5 minutes. Full scans with all agents enabled may take 10-20 minutes depending on the size of your application, number of endpoints, and the number of subdomains discovered during reconnaissance.

Does VigilFlux replace manual penetration testing?
VigilFlux complements manual penetration testing by providing continuous, automated coverage. It excels at finding known vulnerability patterns quickly and affordably. For high-security applications, we recommend using VigilFlux for continuous monitoring alongside periodic manual pentesting for business logic and complex attack chain analysis.
