The Automated Web Vulnerability Scanner for DevOps

VAddy integrates with your existing CI tools
and performs robust security checks
— so your developers can code secure.


How secure is your code?

VAddy gives you insight into the security of your web apps —
and easily hooks into your standard deployment process.

Help your developers code securely

With VAddy, there’s no need for your developers to be security experts.
Easily discover vulnerabilities, and deal with them before they become entrenched in your code.

Find vulnerabilities in new features or maintenance

VAddy automatically runs as part of your existing CI process.
VAddy runs after every code change, and alerts you when a commit contains vulnerabilities.

Reduce last-minute vulnerability scans

We’ve all had projects where a vulnerability found just before release threw the entire project off-schedule. Help prevent last-minute surprises by continually performing high-quality security analysis throughout your development process.

Quickly identify bad coding trends

VAddy allows you to visualize the frequency of security vulnerabilities caused by each team member or code module. Quickly identify problem areas, and increase education to improve areas or developers with weak security knowledge.


Why Use VAddy?

No Security Knowledge Needed

Our diagnostic engine is continually being tuned and updated with the latest threats by our security experts. That allows your team to easily develop secure applications without special domain knowledge.

Integrates with your existing process

VAddy integrates easily with CI tools such as Jenkins and TravisCI, and performs security checks and audits automatically on every build — without disturbing your existing development flow.

Compatible with all languages

VAddy is built around large library of security issues and technical experts over a wide range of languages and frameworks. Whatever tech stack you use, VAddy has a solution for you.





  Starter Professional
SQL injection tests
Cross-site scripting (XSS) tests
Remote file inclusion (RFI) tests -
Command injection tests -
Directory traversal tests -
CI integrations
Web API access
VAddy PrivateNet -
Team size 5 users/domain 50 users/domain
Unlimited scans
Maximum time per scan 30 minutes 120 minutes
Scan speed Fast Very Fast
Scan history 1 year 2 years
Scan targets (included) 3 domains 3 domains
Scan targets (additional) ¥2,000 per domain/month ¥6,000 per domain/month
Pricing ¥6,000 per month ¥19,800 per month

All listed prices are excluding tax.
>>What Does VAddy Test?

What forms of payment do you accept?

We currently accept any credit or debit card. All charges are processed in JPY and will appear as “Bitforest/VAddy” on your card statement.

What is your minimum invoicing period?

One month.
After you have upgraded to a premium plan, you may pause it at any time on the following month. This allows you to keep your account and your existing crawl data until the next time you need it.

How does the free trial work?

After signing up for a new VAddy account, you can try out all the functionality of our Professional Plan (normally ¥19,800/month) free of charge for two weeks. At the end of your free trial, your account will automatically be paused but you may upgrade to a premium plan at any time.

How much does it cost to use VAddy with a team?

Only one account (the owner) will be billed for each domain; other team members can register and view crawl data, runs scans, and view scan results—given the appropriate access permissions—on their team’s domain free of charge.

For more details, see the Team Features section of our Quickstart Guide.

I have another question…

If you can’t find the answer on our Billing FAQ, send us an email at or contact us on Twitter @vaddy_support and we’d be happy to help you!






Yasushi Ichikawa

Product Manager & Developer
Twitter: @ichikaway

Tadashi Satoh

Security Expert & Developer
Twitter: @kinyuka

Katsuya Nishino

Public Relations & Marketing
Twitter: @vaddy_support