Update your browser to stay safe online

If you're seeing this message, you may need to update your browser.

Without the most up-to-date version of your browser, you may be more vulnerable to cybersecurity threats, such as viruses and ransomware.

You also may have problems viewing our latest site features, as Telstra's website does not support outdated browsers. Find out more about staying safe online.

Find the network threats that put your business at risk

A cloud delivered scanning solution to proactively assess the network and application risks your company might face – potentially saving you thousands.

Stay up to date and protected from threats

Vulnerability Services scan fixed IP addresses and web applications to assess and reduce the risk of known cyber security breaches, including zero-day threats. The solution also helps you meet compliance standards and provides network insights to prioritise your network security investments.

It’s backed by the world-leading technology of Qualys, one of the few organisations accredited by the PCI Council.

Getting started

Talk to your Account Executive

Not sure who they are?

 Call 1300 835 787

We're available Monday to Friday, 9am-5pm

Talk to a sales specialist

Enquire now


Vulnerability scan in four simple steps

business enterprise vulnerability services

Step 1: Receive your initial login details & personalise

You’ll receive a welcome letter with login details, which will include a link to the Qualys community site with training videos.

Step 2: Set up your scans and reports

Create and schedule the frequency and identify the network assets to be scanned, before running the report.

Step 3: Receive your report

Choose to receive reports via a URL link or email. Reports include a high-level summary, ranked order of priority, details for each vulnerability, recommended actions to fix each vulnerability and an assessment of your scanned network versus known threats.

Step 4: Learn more from the knowledge base

Access the community portal to gain more knowledge, interact with other users and receive updates on new features and functions.

Vulnerability Scan

This self-service option lets you set up scans on your external, fixed IP addresses for your network, web application and card payment systems.  Detect threats in the cloud and stop them before they reach your corporate network.

Generate reports ranking and rating vulnerabilities through an easy-to-use portal. You can engage our consultants to evaluate basic reports in more detail and provide remedial actions. 

Pricing is based on the number and type of scans required. You can be up and running within a few days.

Find out more

Vulnerability Assessment

A Telstra Security Consultant will perform scans based on your requirements and then provide a customised report of risks identified, vulnerability ratings and recommendations. This option is ideal if you don't have in-house expertise or need more detailed reporting.

To find out more, contact your Account Executive.



Best of breed solution
This solution is offered in conjunction with Qualys, the only provider offering a cloud solution for Internal and External Scanning with complete audit trails with verifiable results. Qualys is also a PCI-approved scanning vendor.


No matter what the environment, we can give you a view of your assets and the vulnerabilities that exist. Combine internal and external scans to view a single report on the state of your network. See where your IT systems might be vulnerable to the latest internet threats and how to protect them.


Flexible cost effective threat assessment
Get options based on the number and type of IP addresses you want scanned at a fixed monthly price with no upfront fee. Gives the flexibility to run scans when you want and provides insights to prioritise security investment.


Vulnerability Assessment can help you achieve PCI compliance status and secure your network as it’s designed to meet certain PCI scanning requirements. With integrated security and compliance, you can analyse, manage and view your IT security and compliance posture in one unified view.


We’ll scan your assets automatically on an ongoing basis, report any new vulnerabilities and help you stay on top of any new threats.


External IP Address Scans

You’ll have access to a cloud-based virtual machine instance that scans external public IP addresses and comprises the following features:


Payment Card Industry Data Security Standard (PCI-DSS) is a proprietary information security standard set up to ensure that companies handling credit or debit card information maintain a secure environment. Validation of compliance with the standard is performed annually, either by an external Qualified Security Assessor (QSA) or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes.

Fixed number of Web Application Scanning (WAS)

Discover official and “unofficial” apps that may be residing inside your environment. WAS detects applications that are vulnerable to issues including the OWASP Top 10, SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and URL redirection.

Additional Web Application Scans

You can purchase additional Web Application Scans of your externally facing web applications.

PCI-DSS and Fixed number of Web Application Scanning (WAS) are both included when you purchase an external IP scan.

Add-on scans

To find out more about these add-ons please contact your Account Executive.

Internal IP Address Scans

Provides a hardware or virtual scanning appliance located inside your network to scan one or more internal network segments. It allows the results of the internal scan to be combined with the external scan to provide a single report on the state of your network.

Zero Day Scan

Scan internal IP addresses for zero day vulnerabilities to check your applications and operating system against a constantly updated list of exploits that have yet to be patched.  Identify vulnerable applications that can be quarantined from the network until a patch or update is supplied by the developer. We recommend that you run this scan on a daily basis for maximum effectiveness.

External IP Address Scan Pricing

Charges for External Vulnerability Scans (which includes the VM Scan, PCI Compliance scan and Web Application Scan) are set out below.

No. IP addresses Monthly charge (GST excl.) Annual Charge (GST excl.)
8 IP addresses (includes 1 WAS) $283 $3,056
16 IP addresses (includes 1 WAS) $396 $4,277
32 IP addresses (includes 1 WAS) $567 $6,124
64 IP addresses (includes 1 WAS) $907 $9,796
96 IP addresses (includes 1 WAS) $1,304 $14,083
128 IP addresses (includes 1 WAS) $1,701 $18,371
150 IP addresses (includes 1 WAS) $1,928 $20,822
200 IP addresses (includes 2 WAS) $4,811 $51,959
300 IP addresses (includes 3 WAS) $5,599 $60,469
400 IP addresses (includes 4 WAS) $6,255 $67,554
500 IP addresses (includes 5 WAS) $6,829 $73,753
600 IP addresses (includes 6 WAS) $7,346 $79,337
700 IP addresses (includes 7 WAS) $7,819 $84,445
800 IP addresses (includes 8 WAS) $8,258 $89,186
2001+ users POA POA
2001+ users POA POA
Vulnerability Service Add-on – Additional Web Application Scans  
No. IP addresses Monthly charge (ex GST) Annual charge (ex GST)
For each additional WAS $68 $734

Get started with your Vulnerability Services today



You'll need Telstra online access to purchase and manage your cloud services.

New to Telstra?

Create a new username and password, and register a new Telstra account for your company.


Telstra customer without online access?

If you're an existing Telstra Business and Enterprise customer, you can register for Telstra online access.





External Vulnerability Scans


Once your Vulnerability Service offering is provisioned, you’ll be sent an email providing login details.