scan command performs a comprehensive security assessment of your endpoint, checking for vulnerabilities, misconfigurations, outdated software, and known threats. Results are scored and prioritized by AI so you can focus on what matters most.
Usage
Options
Run a fast scan covering only critical checks.
Write the scan results to the specified file path. Supports
.json, .html, and .pdf formats
based on file extension.Set the output language for scan results (e.g.,
en, zh-TW, ja).Show detailed output including individual check progress and debug information.
Examples
Scan Types
| Mode | Checks | Duration |
|---|---|---|
--quick | Critical vulnerabilities, open ports, root access | ~30 seconds |
| Full (default) | All scanners including CVE, CIS benchmarks, malware signatures, network | 2-5 minutes |
What Gets Scanned
- System vulnerabilities — CVE database matching against installed packages
- Configuration audit — CIS benchmark checks for OS hardening
- Network exposure — Open ports, listening services, firewall rules
- Malware detection — ATR rule matching and hash lookups
- File integrity — Checks against known-good baselines
- User accounts — Privilege escalation risks, weak credentials
Related
First Scan Guide
Step-by-step walkthrough of your first security scan.
Scanners Reference
Detailed documentation for each scanner module.
Risk Scoring
How Panguard AI prioritizes and scores findings.
panguard report
Generate compliance reports from scan data.