Discovery
Last updated
Last updated
© 2024 Halo Security
The discovery process is all about compiling a complete inventory of internet-facing assets.
We use several methods to identify potential assets (IP addresses or hostnames) that belong to your organization and present them to you to easily add those as targets within your account to help you gain full visibility into the risks across your organization's attack surface.
We use a few different methods to help you discover internet-facing assets.
Domain discovery uses a seed domain, like example.com
, to identify subdomains (or hostnames) such as sub.example.com
. Domain discovery also identifies other potential top-level domains, such as example.net
.
Jump to the full article for more details:
Network discovery monitors a network to identify IP addresses that are alive and exposed to the internet. If your organization controls a dedicated IP space, we can regularly monitor it for changes to ports and alive IP addresses to avoid unnecessary exposures going online. For instance, if you have a network like 74.62.62.128/26
we can discover alive IP addresses, such as 74.62.62.129
.
Jump to the full article for more details:
During the website and firewall monitoring scans, we identify references to other hostnames, such as scripts loading from example-static.com
or other hostnames on shared SSL/TLS certificates.
These are presented, along with other discovered hosts and domains, on Discovery › Add.
Discovering your full attack surface starts with entering the information you know, for instance, the list of domains your organization has registered or networks that your organization uses.
We then use that information to identify related or connected hostnames or IP addresses and present those to you. You can easily then add those hostnames or IP addresses as targets and apply the necessary scanning services to them.
When new targets are added, our discovery process will incorporate those new targets to further flush out a complete inventory of your organization's external assets.
We can summarize the process as follows:
Add domains or networks that you know about to your account
Halo Security discovers related IPs and hostnames
You decide whether to add those discovered assets as targets for our security monitoring services
Halo Security continuously updates the discovered asset inventory based on those new targets and as new assets are found
For more information on managing discovered targets, see:
Discovery is included in all Halo Security subscriptions. You may add as many domains and networks as you own at no additional cost.