The Automated Web Vulnerability Scanner for DevOps

VAddy integrates with your existing CI tools
and performs robust security checks
— so your developers can code secure.



How secure is your code?

VAddy gives you insight into the security of your web apps —
and easily hooks into your standard deployment process.

Help your developers code securely

With VAddy, there’s no need for your developers to be security experts.
Easily discover vulnerabilities, and deal with them before they become entrenched in your code.

Find vulnerabilities in new features or maintenance

VAddy automatically runs as part of your existing CI process.
VAddy runs after every code change, and alerts you when a commit contains vulnerabilities.

Reduce last-minute vulnerability scans

We’ve all had projects where a vulnerability found just before release threw the entire project off-schedule. Help prevent last-minute surprises by continually performing high-quality security analysis throughout your development process.

Quickly identify bad coding trends

VAddy allows you to visualize the frequency of security vulnerabilities caused by each team member or code module. Quickly identify problem areas, and increase education to improve areas or developers with weak security knowledge.


Why Use VAddy?

No Security Knowledge Needed

Our diagnostic engine is continually being tuned and updated with the latest threats by our security experts. That allows your team to easily develop secure applications without special domain knowledge.

Integrates with your existing process

VAddy integrates easily with CI tools such as Jenkins and TravisCI, and performs security checks and audits automatically on every build — without disturbing your existing development flow.

Compatible with all languages

VAddy is built around large library of security issues and technical experts over a wide range of languages and frameworks. Whatever tech stack you use, VAddy has a solution for you.

Oneteam Inc.

"By using a tool provided by a company like VAddy that specializes in security, we have been able to confidently release a product."

Atsushi Nagase
Lead engineer
at Oneteam

EXGEN Networks Co., Ltd.

"We have been impressed with VAddy’s ease of use, ability to scan web APIs, and prompt technical support. We hope that VAddy will continue to help us make our web applications even more secure."

Kentaro Nomura
at EXGEN Networks


”We feel more secure in the knowledge that we can easily scan our site for vulnerabilities at any time. In fact, we have scheduled daily scans using VAddy’s web API even though we can also connect VAddy with our continuous integration tools.”

Hiroaki Akanuma
CTO at UniFa


“VAddy made it easy to implement continuous security tests, giving us greater peace of mind whenever we add new features.”

Yusuke Tamukai
CEO at Velc


“Because we can connect VAddy with our continuous integration tools, we no longer have to put off vulnerability testing until the last minute. We are currently evaluating VAddy as we run it through its paces with just one of our services, but we are considering future plans to use VAddy with all of our other services, as well.”

Tomonari Nakamura
Software Developer
& Build Engineer at Nulab


“VAddy has been very helpful in allowing us to scan our API servers for vulnerabilities with ease. We plan to keep using VAddy so we can continuously test for vulnerabilities throughout our application development process.”

Hideo Mukaida
Senior Developer



  Free Standard Professional
Unlimited scans
SQL injection tests
Cross-site scripting (XSS) tests
Remote file inclusion (RFI) tests  
Command injection tests  
Directory traversal tests  
Jenkins/CircleCI integrations
Web API access
Team size   5 users/domain 50 users/domain
Maximum time per scan 5 minutes 60 minutes 180 minutes
Scan speed Normal Fast Very Fast
Scan history 1 month 1 year 3 years
Scan targets (included) 3 domains 3 domains 3 domains
Scan targets (additional)   $30
per domain/month
per domain/month
Pricing $0
per month
per month
per month

You can try VAddy’s Standard plan free for 14 days!
>>What Does VAddy Test?

What forms of payment do you accept?

We currently accept any credit or debit card with a Visa or MasterCard logo. All charges are processed in USD and will appear as “Bitforest/VAddy” on your card statement.

When will I be billed?

By default, you will be billed at the beginning of each month for the previous month’s usage. We don’t offer prorated billing or refunds, so once you upgrade your plan you must wait until the next billing cycle before you can downgrade to a lower tier. If you choose to cancel your premium plan subscription entirely, you may continue to use your account on the Free plan but your scan history will be immediately reduced to one month.

Do you offer free trials?

We do! When you sign up for a new VAddy account, you have two weeks to try out all of the features available with the Standard plan (ordinarily $100/month) for free. If you choose not to sign up for a premium plan at the end of your two-week free trial, your account will be automatically downgraded to the Free plan.

How much will my team members be charged?

Nothing! Once you have registered a domain name with your VAddy account and upgraded to a premium plan, you will be the only person who receives an invoice covering that domain. You can invite your team members (up to 5 on the Standard plan or up to 50 on the Professional plan) to scan for vulnerabilities on your domain at no additional cost.

For more details, see the Team Features section of our Quickstart Guide.

I have another question…

If you can’t find the answer on our Billing FAQ, send us an email at or contact us on Twitter @vaddy_support and we’d be happy to help you!






Yasushi Ichikawa

Product Manager & Developer
Twitter: @ichikaway

Tadashi Satoh

Security Expert & Developer
Twitter: @kinyuka

Katsuya Nishino

Public Relations & Marketing
Twitter: @vaddy_support