New Features and Improvements - January 2024

Nicola Chapman
26 January 2024
|
4 min Read
|
Nicola Chapman
Create free account

Contents

Introduction

December saw the launch of the Free FractalScan Surface account, and after taking some time off for the Christmas break, the team have been hard at work again bringing new features and improvements to FractalScan.

Free FractalScan accounts

You can now try FractalScan for free! This means you can start to understand the basics of your attack surface without spending a penny - all you need is a business email address.

Your free account will allow you to:

  • Understand the size of your external attack surface

  • See details of all the domains you have on the internet

  • See which domains have the most risks against them

  • Monitor your attack surface on a weekly basis for new critical or high severity risks

To unlock the details of the data behind your scan, you can upgrade your account to our Essential or Premium plan at any time.

Free Account dashboard

Better visibility of IPv6

To help make the picture of your attack surface as clear as possible, the scan Overview page has been updated to include IPv6 alongside IPv4. The Discovery widget has been updated to show totals for all IPs.

Discovery data IPv6 and IPv4

And the IP Addresses widget now includes details of both IPv4 and IPv6.

IP addresses updated widget

See when a scan is next due to run

While a the majority of scans run daily in FractalScan, some scans do run less frequently. For example our Free Account scans run weekly, and scans used to monitor third parties in your supply chain often run weekly or monthly.

To help you understand your scans better, and to help you know when a scan is next due to run, we have added these details to both the Scans page and the Overview page for each scan.

Scan schedule overview page

Scan schedule details

Domain and IP limiting

Depending on your plan, there will be a limit on the number of domains and IPs that you can scan. For example, Premium users are limited to 300 domains and IPs for own asset monitoring. We have made some improvements so it’s easier for you to see when you’re nearing this limit and what you’re missing from your results if the limit has been hit.

The warnings will allow you to understand which scan type(s) you have reached your limit for and allow you to get in touch to discuss increasing your allowance.

Domain and IP limit warning

The limits are based on all discovered domains and IPs in the scan, including both in and out of scope domains. If you’re not sure how big a scan is, you can look at the number on the Discovery widget on the scan overview. The large numbers are in scope, and the smaller numbers are out of scope.

FractalScan Discovery widget

Depending on your plan, some of your domain and IP limits may be set across the scan type, and others set on a per scan basis. Using the Premium example above, the domain and IP limit for own asset monitoring is 300, which can be used across more than one scan. Where you have an allowance of ad hoc scans in your plan, the limit is usually per scan.

If you aren’t sure what your allowance is, you can look at the usage page. Note the Owner or Admin role is required to view the usage page.

FractalScan allowance dashboard

To find out more about domain and IP limiting and how it works, you can read our knowledge base article.

Risk for public Server Message Block (SMB) service

If you have a public Server Message Block (SMB) service that FractalScan can discover, a High risk will be raised against your scan. Similar to other services FractalScan was already checking for (e.g. FTP) there is risk that the service could be used to access and exploit other areas of your network.

Remediation advice is provided to you within FractalScan if you have this risk.

SMB remediation advice

Coming soon

  • Allowing roles and groups to be set on invites for new users.
About Nicola Chapman
Nicola is the Product Manager for FractalScan Surface, working closely with the Red Maple Technologies engineers to represent our customers' and users' needs. She has over 10 years product management experience building products to help solve real world problems for businesses.
Nicola Chapman

REVIEWS

What our customers think

Haas Automation Logo

Ken Shannon

Haas Automation

"FractalScan Surface is an impressive tool that we use to monitor our external cyber risks and those of our dealers worldwide. We've even used it to perform due diligence security checks on third-party suppliers. I appreciate the easy-to-understand summary views, and my team likes that the daily scans automatically reflect their ongoing risk mitigation efforts. I'd really encourage other companies to use this tool and start tracking their cyber risks."

View The Space

Robin Craib

VTS

"FractalScan's capability to mark domains hosted on shared cloud services gives us the ability to remove risks associated with IP addresses which are not part of our infrastructure, allowing us to focus our resources. The consultancy we've had from the professional services team at Red Maple Technologies confirms the credibility and background of the team building FractalScan. I'm excited to see what's coming next for FractalScan."

Formula 1

CIO

Formula 1

"FractalScan Surface has been great for discovering our online-visible assets and exposures, allowing us to make some immediate improvements to reduce our cyber risk." Daily scanning enables us to keep on top of our external attack surface, which is particularly important to us since we have complex digital content output. FractalScan gives us the view on our data we didn't have."

Capterra Logo

Andy K.

Financial Services

"Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them. We may not be privy to sites or subdomains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned."

Capterra Logo

Tim N.

Information Technology and Services

"What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable."

Capterra Logo

Jason C.

Financial Services

"FractalScan Surface provides a compact and concise overview of vulnerabilities that have been identified on our assets. It is important for teams to be able to understand the issue, prioritise remediation activities and focus on removing vulnerabilities from our estate....this tool enables all of this and has proven to find vulnerabilities that other tools do not."

Capterra Logo

Jack S.

Information Technology and Services

"FractalScan Surface delivers an exceptional experience, principally by enhancing our understanding of customers' digital assets. The platform's intuitive interface facilitates a user-friendly experience that our team appreciates. This, in turn, allows us to proactively identify vulnerabilities and address them before they escalate. We've found the platform to be markedly superior to its market counterparts in terms of capability and efficiency. Integration into our existing business processes was seamless, minimising any potential operational interruptions."