Security

About the AuditWard Scanner

Last updated: June 12, 2026

1. Why You Are Seeing Our Traffic

AuditWard is a security and quality scanning platform. If you found this page from your server logs, an AuditWard customer has requested a scan of a website or application and identified it as one they are authorized to test. Every scan is tied to a customer who has accepted our Terms of Service, which require them to hold all necessary permissions for the systems they scan, and customers verify ownership of their domains via DNS before full scans are permitted.

2. Identifying Our Traffic

Our scanner identifies itself with the following User-Agent string on its HTTP requests:

  • AuditWard/1.0 (+https://auditward.com/scanner)

Scan traffic originates from AuditWard infrastructure hosted on Amazon Web Services. We are in the process of publishing our static scanning IP ranges and reverse-DNS records on this page; until then, the User-Agent string above is the authoritative way to identify our scanner.

3. How Our Scanner Behaves

  • Requests are rate-limited to avoid measurable impact on target systems.
  • Paths disallowed by your robots.txt are excluded from crawl-based discovery.
  • We never perform denial-of-service or flooding tests.
  • Takeover-style weaknesses (for example dangling DNS or storage buckets) are detected and reported only — never exploited or claimed.
  • Scans against unverified domains are restricted to passive, header-level checks.

4. Opting Out

If you own or operate a system and do not want it scanned by AuditWard under any circumstances, email security@auditward.com with the domain or IP range and evidence that you control it (for example, a DNS TXT record we provide, or a reply from a contact address listed in the domain's WHOIS or security.txt). Once verified, we add the resource to a permanent blocklist enforced before any scan starts, and confirm the opt-out to you.

5. Reporting Abuse or Problems

If you believe a scan caused a problem, was not authorized, or you have any other concern about our traffic, contact security@auditward.com and include the timestamps, source IPs, and request paths from your logs. We treat these reports with priority and will suspend the offending scan configuration while we investigate. Security vulnerabilities in AuditWard itself are covered by our Responsible Disclosure Policy.