Skip to main content
Targets overview page

View (and filter) all of your targets in one place

Updated over a month ago

Here, you can manage all of your targets on the account - including viewing, filtering and adding to the target list, as well as modifying the configuration on your targets.

Filters Explained

Host status

Status

External target

Internal target

Active

Target has at least one open port, or responds to ping

An agent has been installed onto the device and it's linked successfully

Not scanned

The target has not yet been scanned

The target has not yet been scanned

Unresponsive

Unlinked

N/A


Alerts

Requires attention

What does it mean?

Login form detected - may require authentication to scan behind a login

We have detected what we think is a login page and you may need to add authentication. If you have an app license available, you can do this immediately; if you don't, you'll need to purchase one.

Requires an API schema to be fully scanned

We have detected an API in your AWS account and believe that the addition of an API schema could improve scan coverage.

Web Application Firewall (WAF) detected

We have detected a WAF which we believe could be adversely impacting your scans. To ensure full scanning, you'll need to add our scanning ranges (for your chosen region) to your allowlist.

If you filter by 'Requires attention' and roll your mouse over the information icon, you'll see what the alert refers to.

Login form detected - may require an authentication to be fully scanned:

Requires an API schema to be fully scanned:

Web Application Firewall (WAF) detected:

If you click on the target and navigate to:

  • The Authentications tab: you'll be shown the evidence and will have the option to either 'Add authentication' or Ignore recommendation'.

  • The APIs tab: you'll be shown the evidence and will have the option to either 'Add API Schema' or Ignore recommendation'

  • The first page: you'll see the banner at the top of the page: ​

If you choose to ignore the recommendation, you're prompted to add details and submit:

Once that's done, it'll show up under:

  • The Authentications tab, as shown below.
    (You can always Undo ignore recommendation and add authentication at a later date – if you wish.)

  • The APIs tab, as shown below.
    (You can always Undo ignore recommendation and add authentication at a later date – if you wish.)


Target type

Target type

Description

External

Any target that has a public-facing IP address, domain, or subdomain

Internal

Any device supporting Windows, Linux or MacOS.

Has authentication

Any target added as a web application will have dummy credentials applied, if

Has API

Any web application that has an API schema applied.


License type

License type

Description

Infrastructure

Allows users to conduct external scanning on IP addresses, domains and subdomains; as well as internal scanning on devices supporting Windows, Linux or MacOS.

Application

The Application license covers infrastructure scanning; enhanced web-app scanning of unauthenticated pages; authenticated web-app scanning (pages behind the login); as well as API scanning (where users have uploaded a schema file).

Not Assigned

This will only apply to external infrastructure targets, as application licenses are assigned as soon as the web app is added; and infrastructure licenses are assigned as soon as internal targets are linked.


FAQs

How do I trigger login detection?

This check is run as part of the first scan kicked off on a target after it's been added, so you can't trigger it per se.

Can I get a second login detection if I delete the target and re-add?

Unfortunately not. When you re-add a previously deleted target, the scan history will be reinstated, which will include the scan where we checked the target for a login page.

What type of targets does it run on?

It'll run on external targets that don't already have an application license assigned.

Did this answer your question?