We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Vulnerability Manager

Understanding Verification

  • Last updated on

It is unlawful to run a scan on a web application (web site) without express permission from its owner or operator. To prevent abuse of the system, you must first verify the domain you want to scan before you are able to run the scan.


How Verification Works

To verify a domain, you must have access to an email address at that domain. For example, if you want to scan example.com, you must have access to an email address ending in @example.com. You may also verify a domain using an email address at a subdomain or parent domain of the domain want to scan. For example, you may verify example.com with the address user@sub.example.com, and you may verify sub.example.com with the address user@example.com.

Barracuda Vulnerability Manager will send a verification link within an email to the verification address you provide. To verify the domain, click the link in the email.

Note: If you are having an authorized user perform the verification for you, instruct them to click the link in the email they receive from Barracuda Vulnerability Manager. The user performing verification does not necessarily need to log in to Barracuda Vulnerability Manager. If they are not logged in, they will not have access to any Barracuda Vulnerability Manager data.

Once you have verified a domain, you are not required to verify it again to run subsequent scans on that domain.

How to Verify a Domain

  1. On the Active Scans page, click New Scan to create a new scan.
  2. In the Scan Configuration window, enter the domain you want to scan in the URL to Scan field. A message appears, indicating the domain must be verified and that you must provide a verification email.


  3. Enter the verification email you want to use to verify the domain (e.g., demo@example.com).
  4. Configure the parameters of the scan in the Scan Configuration window. Click Help for details on the configuration parameters.
  5. Click Start Scan. You will receive a message that the scan will start as soon as the domain is verified:


  6. Open the email that was sent to your verification address. Click the link in that email.
    The scan will start as soon as the link is clicked.
    If you have set the scan to run at a future time, it will run automatically at that time. You will not need to verify the domain again.


If you do not have email access on this domain, refer to Verifying Domains without Email.

Last updated on