TL/DR: Just as vulnerabilities are constantly evolving, so must your approach to external attack surface monitoring. In addition to our ongoing Crowdsource security research, we have released new features on our platform. You can get critical insights on what is newly discovered on your attack surface through an at-a-glance mode and it’s now easier to manage how your dev team is using Detectify, and much more.
Enterprise Attack Surface Monitoring
Detectify’s Surface Monitoring is the easiest way to monitor and manage your attack surface on the market. This product continuously monitors the configuration and attack surface of your domains and subdomains. It came from the realization that Application Scanning, our other product, is very detailed. Application scanning tries to find every nook and cranny of your application through crawling and fuzzing which is exactly what companies need for custom-built applications.
As the attack surface grows and as the number of assets that you need to secure and have control over increases, a surface monitoring solution can cover all of that and help you secure and know the security status of everything that you host. Many of our customers are already benefiting from its values: finding misconfigured S3 buckets in a subsidiary far away, 0-day and anti-vulnerabilities, and of course, subdomain takeover.
It is now possible to:
See newly discovered assets at a glance
The new attack surface view helps you to get the latest insights about your attack surface so you can take action, quickly. Also, recently discovered assets will be displayed at the top of the list so you always know what is on your attack surface.
Going beyond ports 80 and 443
While ports 80 and 443 are commonly used for most internet traffic, our new port scanner goes beyond and above, finding and displaying thousands of ports on the attack surface, IPs, and domains.
Inviting new team members is easier than ever
Adding new members can be really frustrating sometimes, particularly if you have dozens of new users to invite. That’s why we made it possible for you to copy and paste comma separated emails into the invite field, as well as see the status of current members.
What’s on the horizon?
A sneak peek at what is coming soon to Detectify products:
Growing Attack surface
More in-depth insights into what you are exposing to help you understand to what extent an asset is exposed.
Grouping subteams and assets
Simpler to manage your team members by grouping subteams and assets.
Summarize and overview the active vulnerabilities in your attack surface.
How can Detectify help?
Detectify checks your web applications for known vulnerabilities that are actively exploited in the wild. To begin, you need to verify ownership of the domain and then you can begin a scan within minutes. The Detectify scanners will run a check to determine your web technology profile, and then dispatch the relevant tests based on the results. The testing is context-based using hacker techniques like fuzzing, crawling, and real hacker payloads to help discover where the vulnerabilities are.
To keep up with today’s cyber threats, you need continuous security that’s integrated with development.If you’re not already a customer, click here to sign up for a free trial and immediately start scanning or get in touch with our customer success team through email@example.com. Already have an account? Login to check your assets. Go hack yourself!