FAQs

Q1 — How does Scani5 work?

A: Scani5 deploys lightweight agents across your estate to discover assets and collect software/configuration data. That data is correlated with vulnerability databases and threat intelligence; Scani5 then calculates RTI and Visibility Index scores, maps attack paths, and creates remediation tasks and executive reports.

Q2 — Which operating systems and browsers are supported?

A: Agents support Windows and Linux today; macOS support ETA Q3 2026 (per roadmap). For the dashboard, use the latest versions of Chrome, Edge, Firefox, or Safari.

Q3 — How do I install the Scani5 Agent?

A: Two primary methods:
(1) GUI: extract the agent zip → open Release → run the MSI and enter the Org Hash during setup.
(2) CLI: run
msiexec /i Scani5.msi ORG_HASH="---your-org-hash---" /quiet /norestart /l*v C:\Logs\install.log
Ensure a C:\Logs folder exists for installer logs.

Q4 — What is the Org Hash, and where do I get it?

A: The Org Hash (Org Key) uniquely links an installed agent to your Scani5 organization. Your Scani5 onboarding or admin portal provides it. If you don’t have it, contact the onboarding or support team.

Q5 — How does Scani5 prioritize vulnerabilities?

A: Priority is based on RTI (combines CVSS, exploitability, impact), Visibility Index (public attention/exploit chatter), exploitability evidence, and attack-path exposure—so business-critical assets with exploitable, visible vulnerabilities bubble to the top.

Q6 — What is RTI, and how is it calculated?

A: RTI = (CVSS + Exploitability + Impact) ÷ 3, using the highest-available values across CVE records (preferring CVSSv3). Result rounded to two decimals. This provides a normalized infrastructure risk score for each finding.

A: A dynamic score that measures how visible a vulnerability is in public sources (blogs, exploit databases, GitHub, forums). Scoring is age-based (≤7 days = 1.0, ≤30 = 0.8, ≤90 = 0.5, >90 = 0.2) and averaged across grouped CVEs.

Q8 — How are remediation tasks tracked?

A: Scani5 converts findings into tasks with lifecycle states (Open → In Progress → Closed). Tasks can be assigned to IT/system owners and tracked until resolved, supporting both patch and mitigation workflows.

Q9 — What reports are available?

A: Scani5 provides vulnerability insights, asset-context reports, root-cause & fix recommendations, executive risk reports, and audit-ready historical reports to support compliance.

Q10 — What should I do if an agent isn’t reporting?

A: Quick checklist:

Confirm the agent process is running on the endpoint.
Verify Org Hash was entered correctly.
Ensure network connectivity to Scani5 services.
Check installer log at C:\Logs\install.log.
If using MDM/AD, confirm deployment completed.
If unresolved, contact support.

Q11 — How are roles and access controlled?

A: Use predefined roles: Org Admin (full access) and Org User (restricted). Admins manage users, settings, SLAs, and modules. Users have limited access to settings and view-only rights on some pages, but can run reports.

Q12 — Where can I get help or onboarding assistance?

A: Scani5 offers 24/7 support, onboarding assistance via sales/channel partners, and knowledge-base articles.

Q1 — How does Scani5 work?​

Q2 — Which operating systems and browsers are supported?​

Q3 — How do I install the Scani5 Agent?​

Q4 — What is the Org Hash, and where do I get it?​

Q5 — How does Scani5 prioritize vulnerabilities?​

Q6 — What is RTI, and how is it calculated?​

Q7 — What is the Visibility Index (Social Score)?​

Q8 — How are remediation tasks tracked?​

Q9 — What reports are available?​

Q10 — What should I do if an agent isn’t reporting?​

Q11 — How are roles and access controlled?​

Q12 — Where can I get help or onboarding assistance?​