BlueHive Security Lens

BlueHive Secure Scan

The BlueHive Security Lens is a comprehensive, non-intrusive penetration testing solution that constantly monitors the security of your web infrastructure, whether it’s a few pages or a complex full stack behemoth. 

Our technology scans your web infrastructure for vulnerabilities that cybercriminals exploit to access your data. Our code never stands still, with new types of scans to keep pace with the rapid evolution of the web.

BlueHive delves into the dark web for mentions of your company and your data, checking whether a breach has already occurred or is in progress, or whether your organisation is being targeted, so that you can be prepared for what’s coming next.

Once the scan is complete, our team prepares a comprehensive report for your business, identifying vulnerabilities in order of criticality. 

BlueHive identifies the most common security holes from past breaches, matching them to your website’s technology stack.

Our solution can scan self-hosted, data centre or cloud-hosted solutions, checking for and identifying common security vulnerabilities that you can fix yourself or engage one of our partners to fix, while offering basic best-practice advice.

Environments where BlueHive’s Security Lens operates

Surface Web


Leading Search Engines and Public Sources

96% of content on web

Deep Web


Data Base and Records

  • Academic
  • Medical
  • Scientific
  • Government
  • Banking

Online Services / SAAS

Organization & Insights

Dark Web


PII data, addresses, email addresses, contact numbers, bank account numbers, debit/credit card numbers, confidential files and updates

Surface Web – The visible web is the portion of the web that is readily available to the general public and searchable with standard search engines. The Surface Web is made up of a collection of public web pages on a server accessible by any search engine.

Content scattered on the iceberg and definitions of surface, deep and dark webs.

Identify undetected vulnerabilities in the web technology stack. Identify security misconfigurations in web app firewalls, load balancers and header inspections. Check for common information leaks (viz. phpmyinfo, htaccess, XML RPC, configuration files, source code, etc.) and sensitive/confidential information (viz. stolen/leaked credentials, emails, data dumps, etc.).

Check whether firewalls are in place for the server and the web application.

Check whether the website is infected with malware.

Identify subdomains creating an additional attack surface such as malicious redirects, SSL status, SSL ciphers. Identify SSL based vulnerabilities and malicious redirections in associated domains and subdomains.

Check for DNS misconfigurations in SPF, DNSSEC, DNS zone transfers, and DNS health records.

Identify open ports on the server. Identify the insecure protocols associated with those ports.

Deep Web – The invisible web, or hidden web, is the part of the World Wide Web whose contents are not indexed by standard web search engines. The content of the deep web is hidden behind HTTP formats and includes many very common uses such as web mail, online banking, private or otherwise restricted-access social media pages and profiles, some web forums that require registration for viewing content, and services that users must pay for and which are protected by paywalls, such as video on demand and some online magazines and newspapers.

BlueHive Security lens definitions are split into two tables, should be one.

Identify secrets, keys and sensitive information in GitHub repos.

Identify sensitive information in mobile applications. Identify similar malicious or fake apps in the Play Store/App Store.

Discover whether the system or server is infected by a botnet.

Discover fake domains that have been registered to target the authentic primary domain and are likely to be used by cybercriminals to launch targeted phishing attacks.

Check for DNS misconfigurations in SPF, DNSSEC, DNS zone transfers, and DNS health records.

Check whether any file-sharing software is used on the server and whether it is being misused.

Dark Web – Overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. This anonymity also creates a forum for illegal activity, which is what the Dark Web is most associated with. Authorities have reported the trade of child pornography, drug-related crime, and illegal financing of pornography relating to children, violence, and animals. A Dark Web marketplace, also known as a crypto-market, operates by selling illegal goods such as drugs, weapons, and financial-fraud-related products and information.

Definition for Intrusions should be changed to - Identifies active intrusions and intrusion attempts on the network and firewalls.

Identify sensitive/confidential information leaked in distinct sources across the internet. Perform checks on the surface and dark/deep web to identify confidential/sensitive information.

Identify malcontent or negative propaganda/campaigns about the organization or key individuals across the surface and deep/dark web. Identify malware-infested content and check whether domains are blacklisted.

Check for VIP employees’ email IDs in pwned/breach databases and cascade the same for the identified ones on the fly.