Discover Vulnerabilities Before Attackers Do

External vulnerability scanning identifies security weaknesses in your internet-facing infrastructure (websites, APIs, servers, and services) before attackers find them. Regular scanning is essential for meeting compliance requirements like Cyber Essentials and OWASP Top 10, reducing your attack surface, and protecting customer data. Luna automates this process so you get continuous visibility without manual pentesting.

Luna uses 11,000+ security templates to detect a wide range of vulnerabilities including SQL injection, cross-site scripting (XSS), remote code execution (RCE), SSRF, path traversal, authentication bypasses, security misconfigurations, and known CVEs. Scans also include port discovery and SSL/TLS certificate analysis to identify exposed services and weak encryption.

Manual pentests are valuable but expensive, infrequent, and only show a point-in-time snapshot. Luna provides continuous automated scanning that runs daily, weekly, or on any schedule you choose, so you catch new vulnerabilities as they appear, not months later. Many teams use Luna for ongoing monitoring between annual pentests.

Luna offers plans for teams of every size: Professional at $249/month (50 targets, 3 users), Business at $499/month (100 targets, 10 users), and Business Plus at $899/month (200 targets, 20 users). Enterprise plans with custom limits are also available. Every plan includes a 14-day free trial with 20 targets and 20 scans per month.

Yes. Luna maps every detected vulnerability to the OWASP Top 10 2025 categories and Cyber Essentials controls, giving you a compliance score and per-control pass/fail breakdown. You can export compliance reports as PDF, CSV, or JSON, ready to share with auditors, clients, or your board.

Luna is fully cloud-based with nothing to install. Sign up, add your domains or IP addresses, and launch your first scan in under five minutes. Results from a quick scan are typically available within minutes. No agents, no hardware, no configuration.

Yes. Luna supports scheduled scans that run hourly, daily, weekly, monthly, or on a custom cron schedule. Combine this with Slack notifications and you get alerted the moment a new vulnerability is found.

Yes. Luna supports exporting reports in PDF, CSV, and JSON formats. PDF reports are ready to share with stakeholders or attach to compliance evidence. CSV and JSON exports let you import findings into other tools or integrate with your existing workflows.