Skip to content

Autodiscovery Scan

The Autodiscovery Scan profile automatically discovers external digital assets associated with your organization and performs security assessments on them.

Overview and Capabilities

  • Asset Discovery:
    • Identifies domains and subdomains linked to the organization.
    • Discovers publicly available mobile applications (Android & iOS) associated with the organization.
    • Identifies IP addresses and network blocks related to the organization through sources like domain registration data (WHOIS).
    • Maps discovered assets and their relationships.
  • Information Gathering:
    • Retrieves domain and IP address ownership details (WHOIS).
    • Fetches public SSL/TLS certificate information from discovered domains and services.
    • Determines the geographical location of discovered IP addresses.
  • Technology and Service Identification:
    • Scans discovered IP addresses and hosts for open ports and running network services.
    • Detects the specific technologies, frameworks, and software used by discovered web applications and services.
  • Vulnerability Identification:
    • Scans discovered network services and applications for thousands of known vulnerabilities (CVEs) using signature-based detection.
    • Identifies common security misconfigurations on discovered infrastructure and services.
  • Security Configuration Analysis:
    • Analyzes SSL/TLS encryption configurations on detected services for weaknesses, certificate issues, and outdated protocols.

This profile combines extensive searching to identify your organization's external digital assets (domains, subdomains, IPs, mobile apps) with technical information gathering, technology fingerprinting, and assessment for known vulnerabilities and configuration weaknesses. The result is a broad overview of your externally exposed infrastructure, helping to uncover potentially unknown or unmanaged components and evaluate their security status.