What is Probely?

Probely scans your Web Applications to find vulnerabilities or security issues, and provides guidance on how to fix them, having Developers in mind.

Probely not only features a sleek and intuitive interface, but also follows an API-First development approach, providing all features through an API. This allows Probely to be integrated into Continuous Integration pipelines in order to automate security testing.

Probely covers OWASP TOP10 and much more, and can be used to check specific PCI-DSS, ISO27001, HIPAA and GDPR requirements.

browser laptop scan code

This is what makes Probely different

Relevant Findings

At Probely we value your time. We know how frustrating it is to be asked to fix irrelevant findings that are marked as high-risk vulnerabilities. So, instead of focusing on the numbers and reporting issues that aren’t relevant to your business, we do our best to report only what matters and false-positive free.

For certain types of vulnerabilities, Probely provides Evidence-Based Reporting, meaning that it will extract and present an evidence to prove that a vulnerability is real.

Developer Centric

Developers love Probely because we pay attention to the little things, the details.

Besides making it easy for developers to automate their security testing process, we provide tailored instructions on how to fix vulnerabilities based on the technology being used on the site.

Turn DevOps into DevSecOps

Probely follows an API-First Development approach. All new features are first available on the API and then on the Web App.

This enables you to easily integrate Probely with your existing CI/CD Tools and have automatic security testing as part of your Software Development Life-Cycle (SDLC).

Core features

  • Integrations

    Probely integrates with popular tools such as Slack and JIRA

  • API

    Anything that can be done using the Web App can also be done directly via the API

  • Team members

    Onboard your team and assign vulnerabilities to team members

  • Multi Environment testing

    Scan your production environment with non-intrusive scans, and your testing with intrusive and complete scans

  • Compliance Reports

    Archive PDF reports periodically as an evidence that you are serious about Security

  • Next Generation Spider

    Probely’s spider was developed from scratch to navigate rich Javascript apps, just like a normal browser

Full Features

  Free Starter Pro Premium
Customize Headers

Control which headers are used by the scanner

Customize Cookies

Control which cookies are used by the scanner

Scanning Profile

Choose one of our scanning profiles based on how intrusively you would like Probely to be while scanning your website

Schedule Scans

Schedule scans, or configure recurring scans on daily, weekly or monthly basis

Only weekly and monthly

Fixed IPs

We use fixed IPs for all of our tests

Skip Target Validation

Skip Target validation for your domain when adding a new target (upon request)


Add paths of your target for Probely to access and scan


Get notifications on Slack for scan start, finish, vulnerabilities found, etc


Sync findings with Jira


Use our full-featured API

Plugins for CI tools

Install a Probely plugin in your CI tool (Jenkins, Circle CI)

Scan results report

Download a PDF report with the scan results

Compliance report

Download a PCI-DSS or OWASP TOP10 compliance PDF report

Coverage Report

Download a CSV file with the coverage of the scan (scanned endpoints)

Login Form

Let Probely authenticate on your website via Login Form, so it can scan your website as a logged in user

Basic Authentication

Let Probely authenticate on your website using basic authentication

Customize Cookies

Customize cookies to be used for authentication

Customize Headers

Customize headers to be used for authentication

Teams and Collaboration
Team Members

Add unlimited number of users to your team

Assign vulnerabilities to a member

Assign a vulnerability to a certain team member to let them know that they are in charge of fixing it

Lightning scans

Run a quick 1 minute scan on your website for vulnerabilities related to Security Headers, Cookie flags and TLS

Full Scans

Scan your entire app for over 1000 vulnerabilities

Only once per week

Extra hosts in the scope

Add extra-hosts for Single-Page Apps (SPA) or apps that call APIs


Our advanced fingerprinting recognizes popular web application and optimizes tests based on the technology used

Scanning Modules

We run specific modules to target a specific Web Application

Reducing False-Positives

Probely safely exploits some findings to confirm the vulnerability

Report False-Positives and Invalid Vulnerabilites

Probely will not report that vulnerability again and team will directly look into your case

Multiple Environment Targets

Scan your production environment with non-intrusive tests, and your testing environment with intrusive and complete scans

Pool of targets

Have a pool of multiple targets under one account

Switch targets

Add and delete targets as long as you don't exceed the pool size of targets.

Archiving targets Add-On

Archive targets so that you can add new ones (on request). You will not lose history logs and data of the archived targets

Payment by Credit Card

Fast payment by a Credit Card

Payment by Invoice

For annual contracts

Try Probely for free

Get started