Good product, easy use, not to expensive compared to the competitors.
It's straight forward in it use, and does do what it says it should do.
Even though the api is extensive, you can only scan fixed targets, so scanning several containers after build where the address is changing from is not possible. limiting our scans to staging and prod only,
Value for every euro
We started using probely mainly for the automation potential in our CI/CD potential and ended up growing into the solution, right now I would say is our best tool we have evaluation value for our $ spent.
I would say the things I like the least are the same across all companies we at OLX have very specific needs that are sometimes dev dependent on the vendor side and as many other probely customers we would love to have a quicker feature request into production.
Resposta do Probely
Thanks for the review Luis! Feedback is always important in order to continue developing a strong tool, talk to you soon!
Decent software for vulnerability scans
An intelligent vulnerability scanner designed to speak your developer's language
Probely's made my security team more productive. Scheduling and managing scans is simple, and the output is developer friendly, which decreases friction between the security team and developers.
- Output is developer-friendly. Full details of the scan results, test info submitted, and recommended fixes are all in the report, making it easier for devs to ingest and respond to vulnerabilities
- Flexible GUI that makes scheduling, managing, and monitoring scans simple and easy
- API-driven. Rather than sending spreadsheets or PDFs of vulnerability reports, we can easily pull data from the latest scan
- Somewhat limited functionality, e.g., can identify vulnerabilities in a web app, but not an out of date web server. Such a scenario would require multiple tools
- Custom vulnerability scoring may not align with everybody's vulnerability scoring. The reports include the CVSS score as well as Probely's assigned criticality, so it is possible to work around this.
I like almost everything about Probe.ly but one thing that really stands out is Probely’s support. They are really hands on and proactive when it comes to any problem we experience.
Nothing really. There’ve been some minor bugs but whenever it happens customer support comes in and fixes the issue pretty quickly.
Great product that has saved me hours and grief
Probe.ly provides us with Compliance reports that helped us achieve PCI compliance. Another part of Probe.ly that I like is the API. The API is complete, and you can implement it pretty quickly.
There’s not much feedback while the scan is running. There are some vulnerabilities shown while the scan is running, but you can’t know how much time is left until the end of the scan.
My expirience with Probely scaner
Great scanner to find real vulnerabilities
Great Vulnerability Scanning Experience
It makes security so much easier for our developers. We integrated the lightning scans in our CI pipeline and since then everything is really hands-off and automatic.
The API is my favorite part of Probe.ly. Everything in the available in the web Interface is on the API, so it saves me and my team of developers a lot of time.
Still waiting on the Jira integration. But they have it in their roadmap, so hopefully it's coming soon.
Easy to use, deep inspection
The trouble that I had was fixed very quickly. The support department was very helpful.
Good automated inspection
Clear reports of scans
Proof of findings added into the reports
Solutions to get it fixed
It locks to one machine, but also to one domain. That gave Some trouble wegen trying to change the hostname.
Intuitive and inexpensive
The API. It includes everything from the web interface and is really easy to set up. Also, they provide you with the opportunity to add a multiple environment target. You can test both your staging and your production environments for the price of one. Most of their competitors charge you for both.
Not much to dislike. Everything seemed to run smooth.