The discovery process is all about compiling a complete inventory of internet-facing assets.

We use several methods to identify potential assets (IP addresses or hostnames) that belong to your organization and present them to you to easily add those as targets within your account to help you gain full visibility into the risks across your organization's attack surface.

Discovery Types

We use a few different methods to help you discover internet-facing assets.

Domain Discovery

Domain discovery uses a seed domain, like, to identify subdomains (or hostnames) such as Domain discovery also identifies other potential top-level domains, such as

Jump to the full article for more details:

pageDomain Discovery

Network Discovery

Network discovery monitors a network to identify IP addresses that are alive and exposed to the internet. If your organization controls a dedicated IP space, we can regularly monitor it for changes to ports and alive IP addresses to avoid unnecessary exposures going online. For instance, if you have a network like we can discover alive IP addresses, such as

Jump to the full article for more details:

pageNetwork Discovery

Connected Asset Discovery

During the website and firewall monitoring scans, we identify references to other hostnames, such as scripts loading from or other hostnames on shared SSL/TLS certificates.

These are presented, along with other discovered hosts and domains, on Discovery › Add.

Discovery Process

Discovering your full attack surface starts with entering the information you know, for instance, the list of domains your organization has registered or networks that your organization uses.

We then use that information to identify related or connected hostnames or IP addresses and present those to you. You can easily then add those hostnames or IP addresses as targets and apply the necessary scanning services to them.

When new targets are added, our discovery process will incorporate those new targets to further flush out a complete inventory of your organization's external assets.

We can summarize the process as follows:

  1. Add domains or networks that you know about to your account

  2. Halo Security discovers related IPs and hostnames

  3. You decide whether to add those discovered assets as targets for our security monitoring services

  4. Halo Security continuously updates the discovered asset inventory based on those new targets and as new assets are found

For more information on managing discovered targets, see:

pageDiscovered Assets


Discovery is included in all Halo Security subscriptions. You may add as many domains and networks as you own at no additional cost.

Last updated