Aegisify Audit Scan Types: SAST, DAST, Plugin Security, Logs, and AI Analysis for WordPress

A strong WordPress Security Audit should not depend on one signal. A public scan can find external exposure, but it cannot always explain what changed inside WordPress, which plugin added risk, what logs reveal, or which findings should be handled first.

Aegisify Audit combines multiple scan types into one workflow so WordPress owners, agencies, WooCommerce operators, and technical teams can move from scattered findings to clearer action.

1. Public External Scan

The public external scan reviews the visible website from the outside. It can help identify transport security issues, exposed routes, security headers, login/session surfaces, API visibility, and OWASP-style exposure indicators.

Best for: quick first look, pre-sales trust, public exposure review, and Free Scan workflows.

2. DAST-Style Exposure Checks

DAST means Dynamic Application Security Testing. In the Aegisify WordPress context, DAST-style checks help review how the website behaves from the outside while it is running. This may include route visibility, API discovery, forms, headers, redirects, and login/session behavior.

Best for: identifying what attackers may see publicly without requiring WordPress admin access.

3. SAST-Style Code and File Review

SAST means Static Application Security Testing. In the Aegisify workflow, SAST-style review helps inspect WordPress-side code and file signals for risky patterns, suspicious changes, unexpected files, dangerous functions, and plugin or theme security concerns.

Best for: plugin security review, theme review, malware indicators, risky file changes, and remediation planning.

4. Plugin Security and Dependency Review

WordPress security often depends on plugin and theme hygiene. Aegisify Audit helps review installed components, version signals, known vulnerable components, software-risk indicators, Composer packages, npm packages, PyPI-style dependency signals where relevant, and hardening drift.

Best for: agencies, WooCommerce stores, membership sites, and business-critical WordPress environments where one plugin can create major business risk.

5. WordPress Activity Logs and Sensors

Activity sensors help capture important WordPress events such as login behavior, user changes, plugin changes, theme changes, file changes, settings changes, and other security-relevant activity.

Best for: understanding what changed, who changed it, and whether activity patterns look suspicious.

6. Optional Debug Log Review

Debug logs can help identify PHP errors, warnings, plugin conflicts, failed operations, and symptoms of broken or suspicious behavior. Debug log access should be optional and handled carefully, because a log may contain sensitive information if the website writes such data to it.

Best for: troubleshooting, error investigation, plugin conflict review, and security-relevant technical context.

7. Malware Indicator Review

Malware indicator review looks for suspicious code, unexpected files, abnormal patterns, risky changes, or signals that may require deeper investigation. Aegisify should not claim one-click guaranteed cleanup. The value is helping customers see suspicious evidence and prioritize safer remediation.

8. API Discovery and WordPress Route Review

WordPress sites often expose REST API routes, plugin endpoints, admin-ajax behaviors, ecommerce endpoints, and integration surfaces. Aegisify Audit helps identify visibility and risk context so teams know which routes deserve review.

9. AI-Assisted Threat Prioritization

Artificial Intelligence can help summarize logs, scan results, vulnerability findings, DAST-style evidence, SAST signals, and plugin security data. The goal is to reduce noise and help teams understand what to review first.

AI output should remain human-reviewable. Aegisify should help explain risk, not replace responsible security judgment.

How These Scan Types Work Together

Question | Scan Signal
What can the public see? | External scan and DAST-style checks
What is installed? | Agent software inventory and plugin security review
What changed? | Activity sensors and file/code signals
What looks suspicious? | SAST-style review, malware indicators, logs, and AI-assisted correlation
What should be fixed first? | Risk scoring, business impact, and AI-assisted prioritization

Run a WordPress Security Audit With More Than One Signal

Use Aegisify Audit to combine SAST, DAST-style checks, plugin security, logs, Agent data, and AI-assisted remediation guidance into one clearer workflow.
