HailBytes Vulnerability Scanner Infrastructure Calculator

A zero-dependency web component for sizing vulnerability scanning infrastructure. Input your target host count, scan intensity, tools, and compliance requirements. Get VM sizing, timing analysis, cost estimates (AWS & Azure), and ROI comparison vs. HailBytes ASM managed service — instantly in the browser with no server or build step required.

Works as a single <script> tag inside Hugo, React, Vue, Next.js, or plain HTML — or install via npm.

---

Install

npm install @hailbytes/vulnerability-calculator

Or use it without a bundler via a CDN (see below).

Quick Start

npm (bundlers, Next.js, Vite, Webpack, etc.)

// Side-effect import registers the <hailbytes-vuln-calculator> custom element.
import '@hailbytes/vulnerability-calculator';

// Or import the pure DOM-free calculator:
import { calculate } from '@hailbytes/vulnerability-calculator';
console.log(calculate({ /* inputs */ }).vm_resources);

<hailbytes-vuln-calculator theme="dark"></hailbytes-vuln-calculator>

<!-- White-label (no HailBytes branding) -->
<hailbytes-vuln-calculator theme="dark" branding="off"></hailbytes-vuln-calculator>

Plain script tag

<!-- 1. Load the component -->
<script type="module" src="hailbytes-vuln-calculator.js"></script>

<!-- 2. Drop the tag anywhere -->
<hailbytes-vuln-calculator></hailbytes-vuln-calculator>

---

Integration Examples

Plain HTML / Hugo

<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>Vulnerability Scanner Calculator</title>
</head>
<body>
  <hailbytes-vuln-calculator theme="dark"></hailbytes-vuln-calculator>

  <script type="module"
    src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js">
  </script>
</body>
</html>

Hugo shortcode (layouts/shortcodes/vuln-calculator.html):

<script type="module" src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js"></script>
<hailbytes-vuln-calculator theme="{{ .Get \"theme\" | default \"dark\" }}"></hailbytes-vuln-calculator>

CDN via jsDelivr

<script type="module"
  src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js">
</script>
<hailbytes-vuln-calculator></hailbytes-vuln-calculator>

React

import { useEffect, useRef } from 'react';

import('https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js');

export default function VulnCalc({ onCalculated }) {
  const ref = useRef(null);

  useEffect(() => {
    const el = ref.current;
    if (!el) return;
    const handle = (e) => onCalculated?.(e.detail);
    el.addEventListener('vuln-calculated', handle);
    return () => el.removeEventListener('vuln-calculated', handle);
  }, []);

  return <hailbytes-vuln-calculator ref={ref} theme="dark" />;
}

Vue 3

<template>
  <hailbytes-vuln-calculator theme="dark" @vuln-calculated="onCalc" />
</template>

<script setup>
import 'https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js';

function onCalc(e) { console.log('Result:', e.detail); }
</script>

---

API Reference

Attributes

Attribute	Values	Default	Description
theme	dark light	dark	Color scheme
branding	"off"	(shown)	Hide the "by HailBytes" footer + header badge

Events

Event Name	Fired When	event.detail
vuln-calculated	User clicks "Calculate" button	Full result object

Input Schema

Field	Type	Range / Options
target_hosts	number	1–50,000
scan_intensity	string	light, medium, aggressive, continuous
scan_frequency	string	daily, weekly, monthly, quarterly
scan_window	number	1–24 (hours)
scanning_tools	string[]	hailbytes_asm, openvas, nessus_professional, qualys_vmdr
compliance_needs	string[]	pci, hipaa, nist, iso27001, soc2

Result Object Shape

{
  "vm_resources": {
    "cpu_cores": 8,
    "ram_gb": 16,
    "ram_recommended": 24,
    "storage_gb": 70,
    "network_bandwidth_mbps": 14,
    "docker_required": true,
    "tool_type": "hailbytes_asm"
  },
  "timing": {
    "total_scan_time_minutes": 1500,
    "optimized_scan_time_minutes": 19,
    "parallel_hosts": 800,
    "scan_window_utilization": 3.9,
    "performance_metrics": {
      "efficiency_rating": "excellent",
      "bottleneck_analysis": [],
      "optimization_suggestions": []
    }
  },
  "costs": {
    "infrastructure_monthly_aws": 374,
    "infrastructure_monthly_azure": 352,
    "tool_licensing_annual": 0,
    "tool_management_monthly": 450,
    "tool_setup_cost": 600,
    "total_monthly_aws": 824,
    "total_monthly_azure": 802,
    "roi_analysis": {
      "self_managed_monthly": 824,
      "managed_monthly": 299,
      "monthly_savings": 525,
      "annual_savings": 6300,
      "roi_percentage": 176.3,
      "has_managed_option": true
    },
    "tool_breakdown": { "hailbytes_asm": { "...": "..." } }
  },
  "recommendations": ["..."],
  "has_asm": true,
  "inputs": { "...": "..." },
  "timestamp": "2025-01-01T00:00:00.000Z"
}

---

Scanning Tools

Tool Key	Display Name	License	Notes
hailbytes_asm	HailBytes ASM	Free (OSS)	Attack Surface Management; managed service available
openvas	OpenVAS	Free (OSS)	Vulnerability scanner; requires feed maintenance
nessus_professional	Nessus Professional	~$3,990/yr	Widely supported commercial scanner
qualys_vmdr	Qualys VMDR	~$3,500/yr	Cloud-native vulnerability management

HailBytes ASM is the recommended choice for continuous attack surface visibility. It can be self-hosted (Docker) or used as a fully managed service starting at $299/month — eliminating infrastructure overhead and setup time.

---

Calculation Methodology

HailBytes ASM Resource Sizing

host_factor       = max(1, target_hosts / 1000)
compliance_factor = 1.0 + (num_compliance * 0.1)
total_multiplier  = intensity_mult × frequency_mult × compliance_factor

cpu_cores  = max(2, ceil(4 × host_factor × total_multiplier))
ram_gb     = max(4, ceil(8 × host_factor × total_multiplier))
storage_gb = max(20, ceil(50 + (target_hosts/100 × 2) × compliance_factor))
network    = max(10, ceil(target_hosts/200 × intensity_mult × compliance_factor))

Intensity multipliers (HailBytes ASM): light=1.0, medium=1.3, aggressive=1.8, continuous=2.2
Frequency multipliers: daily=1.5, weekly=1.0, monthly=0.8, quarterly=0.6

Traditional Scanner Sizing

host_factor = max(0.001, target_hosts / 1000)
cpu_cores   = max(2, ceil(4   × host_factor × intensity_mult))
ram_gb      = max(4, ceil(8   × host_factor × intensity_mult))
storage_gb  = max(10, ceil(0.5 × target_hosts / 1024))
network     = max(10, ceil(target_hosts/100 × intensity_mult))

Intensity multipliers (traditional): light=1.0, medium=1.5, aggressive=2.5, continuous=3.0

Timing

base_scan_time      = hailbytes_asm ? 1.5 : 2.0  (min/host)
time_mult           = { light:0.5, medium:1.0, aggressive:2.0, continuous:0.3 }
total_scan_time     = base × target_hosts × time_mult
parallel_hosts      = min(target_hosts, cpu_cores × 100)
optimized           = ceil(total / max(1, parallel_hosts/100))
window_utilization  = min(100, optimized / (scan_window × 60) × 100)

Cloud Costs

scale_factor   = max(cpu_cores/4, ram_gb/8)
aws_monthly    = ceil(0.17 × scale_factor × 730 + storage_gb × 0.10)
azure_monthly  = ceil(0.16 × scale_factor × 730 + storage_gb × 0.12)

---

See also

Part of the HailBytes calculator suite — drop-in web components for security and risk:

• @hailbytes/vulnerability-calculator — vulnerability scanner infrastructure sizing (this package)
• @hailbytes/password-analyzer — password strength + entropy analyzer (repo)
• @hailbytes/pentest-calculator — penetration testing scope and cost estimator (repo)
• @hailbytes/security-roi-calculator — security awareness training ROI (repo)

---

License

Mozilla Public License 2.0

---

Built by HailBytes — Managed Attack Surface Management.

---

Enterprise Support

Need managed attack surface management without the operational overhead? HailBytes ASM delivers enterprise-grade attack surface management with full support, available on AWS and Azure Marketplaces.

Get Enterprise Support ->

Part of the HailBytes open-source security toolkit.