Foundations

• Getting started with Detectify and External Attack Surface Management (EASM)
• Resources for using Detectify
• How do I allow Detectify to scan my assets?
• The importance of continuous monitoring
• What can I scan using Detectify?

View all (7)

Map your attack surface

• Working with connectors
• Assets and Root Assets
• Adding a new asset
• Zone File / DNS Zone Transfer

Connectors

• Connector for AWS Route53
• Connector for Azure
• Connector for Google Cloud DNS
• Connector for Cloudflare
• Connector for IBM NS1

View all (8)

Asset Verification

• Why do you require verification of domain ownership?
• Verification with DNS (txt)
• Verification with txt file

Surface Monitoring

• Getting started with Surface Monitoring
• Adding Attack Surface Custom Policies
• Subdomain Takeover
• Port Discovery and Scanning

Attack Surface Policies

• Attack Surface Policies
• ​Examples of policies for hosting providers
• Examples of policies on open ports
• Examples of policies on technologies

Application Scanning

• What is Application Scanning
• How to set up Application Scanning
• Application Scanning Page
• What is a Scan Profile?
• Running Application Scanning

View all (7)

Application Scanning - Settings

• Application Scanning settings
• How to include or avoid ports in Application Scanning
• How to decrease the impact of Application Scanning on my website
• How to include or avoid URLs and paths in Application Scanning
• Scheduling Application Scanning

View all (9)

Application Scanning - Scan behind login

• How to scan behind login
• Scan behind login with Recorded Login
• Recorded Login: Trails service documentation
• Recorded Login Validation feature

Attack Surface Insights

• Domains page
• Overview Page
• Attack Surface
• The IP addresses view
• Technologies page

View all (7)

Working with Attack Surface findings

• Prioritization Overview
• Vulnerabilities Page
• Findings page
• How to access CVSS v.3.1 through the API

Results

• Understanding Application Scanning results
• Understanding Crawled URLs
• Understanding Fingerprinted Software
• Extend crawling coverage using Recorded Crawling
• Why didn't my Application Scan have any URLs to test?

Team Settings

• Account & User Management
• How do I manage groups?

Single Sign-On (SSO)

• Access Detectify using your SAML SSO provider
• How to set up SAML SSO for Detecitfy using Okta? (Detectify App)
• How to set up SAML SSO for Detecitfy using Okta? (custom solution)
• How to set up SAML SSO for Detectify with Azure?

Account & Team Settings

• How to remove your account
• Can I change my email address?
• How to enable two-factor authentication (2FA) on your account
• How do I change the name of my team?

New integrations

• Getting started with Integrations 2.0
• FAQ - Integrations 2.0
• How to connect with the Detectify Slackbot

Integrating with the API

• Attack Surface API (v3)
• How to create and manage API keys

Permission from hosting providers

• Permission from hosting providers
• Do I need to notify Microsoft Azure before running a Detectify scan?
• Do I need to notify Google Cloud Services before running a Detectify scan?
• Do I need to notify AWS before running a Detectify scan?
• My AWS WAF is blocking traffic coming from Detectify

Remediation Tips

• Cross-site Scripting
• SQL Injection
• Local File Inclusion / Path Traversal
• Microsoft IIS Tilde Vulnerability
• Input Autocomplete

View all (55)

The Technology Detectify Uses

• Are you using any external services?
• How do you secure my information?

Billing

• Payment alternatives
• Non-commercial or commercial account
• Enterprise accounts
• Refund Requests
• What happens if my payment fails?

Payment Services Directive (PSD2)

• How PSD2 affects your subscription
• Why do I need to re-authenticate my subscription?
• Why am I receiving emails from Chargebee?

Trust Center: Compliance and Information Security

• Compliance
• Data centers
• Data Privacy and GDPR compliance
• Access to customer assets
• Deletion and retention time of customer data

View all (15)