Our first step is always helping the organizations we work with gain a complete inventory of internet-facing assets. Once you've completed your signup, we'll automatically start the process of discovering your internet-facing assets.
We start with the domain you used to sign up. So if your email address is
[email protected]we'll use
example.comas your initial seed domain. We'll immediately start looking for subdomains, like
dev.example.com, and add those as targets within your account to start scanning them for website security and firewall configuration issues.
As soon you start your trial, you can see the progress of the initial discovery. Depending on the number of assets we discover, the initial discovery can take anywhere from a few minutes to a few hours. We'll send you some emails as scans complete so that you can carry on about your day and come back when we have something to show you.
When you initially land in the dashboard, you'll see the progress of the initial discovery and what we've found so far, as well as some fields where you can enter additional seed domains you own like
another-example.com. If your initial scans have already completed, you can add more seed domains on Discovery > Domain > Add.
If you have a lot of domains or a list of hostnames you know about, you can also send our team a CSV and we'll get them added, or use our integrations to connect to 3rd party services like AWS, Azure, and Cloudflare.
While we automatically add subdomains to your account, we may also find several other assets that potentially belong to your organization. We recommend reviewing the list of hosts and domains at Discovery > Add. If the asset belongs to your organization, click Add and we'll add it as a target and kick off it's initial scans. If they're not yours, ignore them by clicking Hide. We'll add those domains as acknowledged hosts and not suggest them again.