Sub-Domains
When the Sub-domain asset type is chosen, the various sub-domains that were scanned load beside the asset type column.
The following details are included as an overview for each sub-domain:
- Sub-domain name
- Risk score
- Operational status
- Severity of its risks
- First and latest instance of occurrence
Clicking on the redirect arrow at the right-hand bottom of each sub-domain directs the user to a new page where more details and findings regarding that specific sub-domain are shown. This page is comprised of three sections:
- Overview
- Technologies
- Findings
Overview
This section is made up of the following blocks:
- Risk Score chart & Details
- Discovery Path
- Host name
- CPEs
Risk score chart & Details
The risk score chart presents a numerical value, ‘risk score’. This score refers to how high of a risk the exposure of this asset provides. The higher the score the higher the risk (the area of the shaded region in the risk score chart is directly proportional to its value).
The following details about the sub-domain and the risks it possesses are displayed adjacent to the risk score chart:
- Sub-domain Name
- Probability of the risk occurring
- First instance of occurrence
- Latest instance of occurrence
Discovery Path
As the name suggests, this block traces the route/path traversed to reach this sub-domain.
Host Name
This block provides the names of the servers where these subdomains are hosted.
CPEs
This block provides the list of CPEs that are applicable to the risks in this sub-domain.
Technologies
This section displays a table which records the following details regarding the technologies employed in this sub-domain:
- Name
- Version
- Category
- Host
A list of the technologies can be downloaded as a .csv file by clicking on the download button at the top right corner and then pressing the ‘export as .csv’ option. The total number of technologies discovered is provided at the bottom of the list.
Findings
This tab mainly records the findings which have been derived based on scans conducted for this sub-domain. For each finding the following elements are displayed:
- Title (Attack name/ CVE based)
- Description of the finding
- Probability of risk occurrence
- List of applicable assets
- Severity of the Risk
- Remediation
Clicking on a particular finding exposes a more detailed view of it. Clickable links are attached in the remediation part of the enlarged version for each finding.
This list of findings can be downloaded as a .csv file by clicking on the download button at the top right corner and then pressing the ‘export as .csv’ option. The total number of findings uncovered is provided at the bottom of the list.