How It Works

Detectify ASV Scanning is powered by Clone Systems, a PCI SSC-certified Approved Scanning Vendor. This page explains the technical workflow and data architecture.

Technical Workflow

1. Target configuration — You define a domain or IP address and a scan schedule in the Detectify UI.
2. API synchronization — Detectify passes the target and schedule configuration to Clone Systems via API.
3. Scan execution — Clone Systems executes the external vulnerability scan against your target at the scheduled time.
4. Report generation — Upon completion, Clone Systems generates compliance reports (AoSC, Executive, Detailed, Remediation).
5. Notification — You receive an automated email alert when the scan completes.
6. Results and download — You view the results (Pass/Fail) in the Detectify dashboard and download PDF reports directly through the UI.

Architecture

Detectify manages the user interface, scan profile configuration, and local storage of scan metadata. Clone Systems operates the scanning infrastructure and generates compliance reports.

User → Detectify UI → Detectify API → Clone Systems API → Scan Execution
                                                              ↓
User ← Detectify UI ← Report Download ← Clone Systems ← Report Generation

Each Detectify team maps to a separate organization in Clone Systems. Data is fully isolated between customers.

Data Governance

Email Notifications

Automated email alerts are sent to users when:

• A scan completes (pass or fail)
• Reports are ready for download

Service Availability

The scanning functionality depends on Clone Systems’ infrastructure. In the event of service disruptions:

• Detectify monitors the integration and communicates any known issues
• Support inquiries related to scan execution are escalated to Clone Systems as needed

For any issues, contact Detectify support through the normal channels.