For most organizations, the largest threat to their network originates on the internet. An attacker does not have to be sitting in your office, your state, or even your country. More than ever, the attacker might not be targeting you specifically. As computing power increases and costs decreases, it is becoming commonplace for would-be attackers to scan large sections of the internet looking for easy targets.
They exploit the gap between a vulnerability being announced and when devices and servers are patched, a gap that is growing as the number of vulnerabilities and patches are increasing at a blistering pace. This is why scanning for vulnerabilities on your internet-facing systems is critical. It is often the first line of defense.
Nodeware provides external scanning with every subscription and runs the scanners from several cloud providers to give the same vantage point of a remote attacker. The scanners are hosted by Nodeware and have an expanded tool set specific to web applications, servers, and services that are used on the internet. You can submit IP addresses for VPN servers, firewalls, or entire private blocks. Domain names for websites, web applications, and mail servers can also be submitted.
Adding a Domain or IP
When managing a single organization, Sites & Interfaces will be under the Management view. When managing multiple organizations, it will be found in the Customer Settings view.
To submit a domain or IP address for scanning, do the following:
1. Click Customers and select the Gear icon.
2. Click Sites & Interfaces and select Connect External Asset.
3. Enter multiple external domains, IP addresses, or IP address ranges simultaneously by using a comma separated list. Click Connect.
Note: You cannot mix subnets and single IP addresses in the same submission. All submissions are subject to ownership validation and approval.
The list of external sites appears. Verification status can be monitored, and scan scheduling can be configured to repeat weekly or monthly.
External scans occur based on a user-defined schedule with options to repeat scans weekly or monthly and selecting either the day of the week or month. Scans can also be run on demand with the rescan option available in the single asset view. To set a schedule, click the icon under Schedule.
From the first dropdown, select On Demand (default), Monthly, Weekly, and Daily schedules. If Weekly is selected, choose a day of the week. If Monthly is selected, choose a day of the month to scan. Click Update Schedule when done. If Daily is selected, scans will occur every day.
External scans can take anywhere from 10 minutes to an hour to complete depending on the number of remotely accessible services and the depth of any website or web application hosted.
Domain and IP Verification
All submitted domains and IPs are validated with information from public sources and additional verification methods. The maximum approval time is 24 hours with the majority of approvals happening within minutes. You will be notified if a submitted domain or IP Address fails verification or requires additional verification.
Abuse or misuse of the external scanning resources can lead to account suspension or revocation. To report suspected abuse, please click Support at the bottom right of this page and submit a request.