Skip to main content
All CollectionsNimbus Probe
Understanding Your Nimbus Probe Scan Results
Understanding Your Nimbus Probe Scan Results
Ilyas Esmail avatar
Written by Ilyas Esmail
Updated over a month ago

After running a Nimbus Probe scan a domain, you'll receive a detailed report containing valuable insights into the site's security, performance, and technology stack. This guide will help you interpret these results and understand their implications for t website.

1. Security Score

At the top of your report, you'll find an overall security score. This score ranges from 0 to 100, with higher scores indicating better security.

  1. 90-100: Excellent security posture

  2. 70-89: Good security, with some room for improvement

  3. 50-69: Moderate security, significant improvements recommended

  4. Below 50: Poor security, immediate action required

The score is calculated based on various factors, including:

  1. Presence of a Web Application Firewall (WAF)

  2. SSL/TLS configuration

  3. Detected vulnerabilities

  4. Email security measures

  5. Up-to-date software and technologies

Remember, this score is a general indicator. Even with a high score, it's crucial to review all aspects of the report.

2. Performance Metrics

This section provides insights into your website's speed and efficiency:

Load Time

The total time it takes for your page to load. Aim for under 3 seconds for optimal user experience.

Server Response Time

How quickly your server responds to requests. A response time under 200ms is considered good.

Page Size

The total size of your webpage. Smaller pages generally load faster. If your page is over 5MB, consider optimization.

Resource Count

The number of individual files (images, scripts, stylesheets) loaded by your page. Fewer resources usually mean faster load times.

3. Technology Stack Report

This section lists the technologies detected on your website, including:

  1. Content Management System (e.g., WordPress, Drupal)

  2. Programming languages (e.g., PHP, Python)

  3. JavaScript libraries and frameworks

  4. Server software

  5. Analytics tools

Understanding your tech stack helps in:

  1. Identifying potential vulnerabilities associated with specific technologies

  2. Ensuring all components are up-to-date

  3. Planning future updates or migrations

4. Vulnerability Assessment

Only users on the Pro plan or organization users on the Enterprise plan have access to vulnerabilities on their Nimbus Probe scans.

View your subscription

This critical section outlines any security vulnerabilities detected:

Severity Levels

  1. Critical: Require immediate attention

  2. High: Should be addressed as soon as possible

  3. Medium: Important to fix, but less urgent

  4. Low: Minor issues that should be addressed when possible

Each vulnerability comes with:

  1. A description of the issue

  2. Potential impacts if exploited

  3. Recommendations for remediation

5. Geographic Information

This section provides insights into the website's global presence:

Server Location

Where the web server is physically located. This can impact load times for users in different regions.

Content Delivery Network (CDN) Detection

If a CDN is detected, it's listed here. CDNs can significantly improve global performance.

IP and DNS Information

Details about your server's IP address and DNS configuration.

6. Web Application Firewall (WAF) Status

Indicates whether a WAF is detected and, if so, which one. A WAF provides an additional layer of security against common web attacks.

7. SSL/TLS Certificate Analysis

Details about your SSL/TLS certificate, including:

  1. Validity period

  2. Encryption strength

  3. Any misconfigurations or vulnerabilities

8. Email Security

Analysis of your domain's email security measures, including:

  1. SPF (Sender Policy Framework) records

  2. DKIM (DomainKeys Identified Mail) configuration

  3. DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy

9. Next Steps

Based on your scan results:

  1. Address any critical or high-severity vulnerabilities immediately.

  2. Review performance metrics and consider optimizations if load times are high.

  3. Ensure all detected technologies are up-to-date.

  4. If your security score is low, prioritize the recommendations provided.

  5. Consider enabling additional security features like WAF if not already in place.

  6. Schedule regular rescans to monitor your progress and catch new issues.

Remember, web security is an ongoing process. Regular scans and prompt action on the results will help keep your website secure and performing optimally.

For any questions about your scan results or need for clarification, don't hesitate to ask our Nimbus AI chatbot or contact our support team.

Related Articles
How does Nimbus Probe work?
Security Features Explained
How Nimbus Manage Keeps Your Information Safe
Understanding the Nimbus Manage Dashboard
Managing Billing and Payments in Nimbus Suite
Did this answer your question?