Here, you can do everything from viewing the target list; filtering the target list and adding to the target list.
Filters explained
Host status
Status | External target | Internal target |
Active | Target has at least one open port, or responds to ping | An agent has been installed onto the device and it's linked successfully |
Not scanned | The target has not yet been scanned | The target has not yet been scanned |
Unresponsive | ||
Unlinked | N/A |
Alerts
Requires attention | What does it mean? |
May require authentication to scan behind a login | We have detected what we think is a login page and you may need to add authentication. If you have an app license available, you can do this immediately; if you don't, you'll need to purchase one. |
Requires an API schema to be fully scanned | We have detected an API in your AWS account and believe that the addition of an API schema could improve scan coverage. |
Web Application Firewall (WAF) detected | We have detected a WAF which we believe could be adversely impacting your scans. To ensure full scanning, you'll need to add our scanning ranges (for your chosen region) to your allowlist. |
If you filer by 'Requires attention' and roll your mouse over the information icon, you'll see what the alert refers to.
Requires an authentication to be fully scanned
:
Requires an API schema to be fully scanned
:
Web Application Firewall (WAF) detected
If you click on the target and navigate to:
The Authentications tab, you'll be shown the evidence and will have the option to either 'Add authentication' or Ignore recommendation'.
The APIs tab, you'll be shown the evidence and will have the option to either 'Add API Schema' or Ignore recommendation'
The first page, you'll see the banner at the top of the page:
Once that's done, it'll show up under:
The Authentications tab, as shown below.
(You can alwaysUndo ignore recommendation
and add authentication at a later date – if you wish.)
The API tab, as shown below.
(You can alwaysUndo ignore recommendation
and add authentication at a later date – if you wish.)
Target type
Target type | Description |
External | Any target that has a public facing IP address, domain, or subdomain |
Internal | Any device supporting Windows, Linux or MacOS. |
Has authentication | Any target added as a web application will have dummy credential applied, if |
Has API | Any web-application that has an API schema applied. |
License type
License type | Description |
Infrastructure | Allows users to conduct external scanning on IP addresses, domains and subdomains; as well as internal scanning on devices supporting Windows, Linux or MacOS. |
Application | The Application license covers infrastructure scanning; enhanced web-app scanning of unauthenticated pages; authenticated web-app scanning (pages behind the login); as well as API scanning (where users have uploaded a schema file). |
Not assigned | This will only apply to external infrastructure targets, as application licenses are assigned as soon as the web-app is added; and infrastructure licenses are assigned as soon as internal targets are linked. |
FAQs
How do I trigger login detection?
This check is run as part of the first scan kicked off on a target after it's been added, so you can't trigger it per se.
Can I get a second login detection if I delete the target and re-add?
Unfortunately not. When you re-add a previously deleted target, the scan history will be reinstated, which will include the scan where we checked the target for a login page.
What type of targets does it run on?
It'll run on external targets that don't already have an application license assigned.