Skip to content

Discovery Configuration

The Discovery Configuration page allows you to define the scope of your organization's attack surface. This includes specifying the domains, IP addresses, and container images you want to monitor for threats. Any listed domains, IP addresses, and discovered subdomains will be in scope for threat discovery testing.

Scan Frequency

The scan frequency determines how often the system will scan the assets within your defined scope. The default scan frequency is set to once a week. You can adjust this frequency by selecting a different interval using the slider.

Initiate Manual Scan

Next to each Domain, IP, and Container will be two buttons. The leftmost button will initiate a manual scan of the requested item, while the rightmost will remove the item from your scope.

Domains

  • Domain: The domain name you want to monitor.

  • Description: A brief description or label for the domain to help identify its purpose or role within your organization.

  • Include Subdomains: Indicates whether subdomains of the specified domain should also be included in the monitoring.

  • Authentication: Specifies the type of authentication used to access the domain, if any.

  • Last Scan: The date when the domain was last scanned for potential threats. This helps track the most recent security check.

Adding Domains

  1. Click the "Add Domain" button in the Domains section.

  2. Enter the base domain without any subdomains you would like to monitor. Include Subdomains if necessary.

  3. Choose the authentication method and fill out required information:

    • Basic Auth

    • API Key (Query Parameters)

    • Bearer Token

    • Custom Header

    • Cookie

    • Username and Password (HTML Form)

    • None

  4. Provide a brief description of the domain, such as "Corporate Website."

IP Addresses

  • IP Address: The IP Address that you want to monitor.

  • Description: A brief description or label for the IP address to help identify its purpose or role within your network.

  • Last Scan: The date when the IP address was last scanned for potential threats. This helps track the most recent security check.

Adding IP Addresses

  1. Click the "Add IP Addresses" button in the IP Address Section.

  2. Enter the IP addresses you would like to monitor.

  3. You can enter as a single IP address, CIDR, or Comma Separated List.

  4. Provide a brief description of the IP address, such as "Example IP Address."

Container Images

  • Container Image: The container image name and tag you would like to monitor (e.g., example/image:latest).
  • Description: A brief description of the container image, such as "Corporate Backend Container."
  • Authentication: You can specify the username and password used to access the container registry, if applicable.
  • Last Scan: The date when the container image was last scanned for potential vulnerabilities or misconfigurations.

Adding Container Images

  1. Click the "Add Container Image" button in the Container Images section.
  2. Enter the container image name and tag you want to monitor (e.g., example/image:latest).
  3. (Optional) Enter the container registry (e.g., docker.io) where the image is hosted.
  4. If required, enter the Username and Password for accessing the container registry.
  5. Provide a brief description of the container image, such as "Corporate Website Backend."
  6. Save your changes to begin monitoring the container image for threats.