New Features and Improvements - October 2023

Nicola Chapman
7 November 2023
|
4 min Read
|
Nicola Chapman
Create free account

Contents

Introduction

October has been another busy one for the FractalScan Surface team, with even more data being added to our public API as well as summary report co-branding.

More discovery data available from the public API

Integrating FractalScan into your wider toolkit is a great way for your team to work more efficiently. We are committed to continuing to add more data and capabilities to make sure you get the most out of it. Last month we added the ability to get domain information from the API and this month we have also added endpoints for IPs, web presence and out of scope domains. Full details of the new endpoints can be found in our public API documentation.

These endpoints are available to all existing API users: those with Premium, Enterprise and MSP plans. Please contact us to discuss getting access to the API.

IP addresses

There are two new endpoints in the API. An endpoint for getting the count of IPs: IP count

And one for getting the IPs and their details:

IP count and details

This allows you to get all the following details for a scan:

  • IP address
  • DNS sources e.g. domains
  • Hosted services and TLS certificates
  • Hosting: ASNs, cloud regions, entities
  • Location information
  • Risk counts
  • Other characteristics: seeds, created and updated date-times

Web presence details

Similarly to IPs, there are two new endpoint for web presence data. Firstly, an endpoint to get a count of the web presence URLs for a scan:

Web presence in-scope count

Details of the web presence URLs found by each scan:

Web presence in-scope details

Similar to the Web Presence page in the app, the following details are available via the API:

  • The URL and domain
  • HTTP details
  • Details of redirects
  • Other web page attributes: third party components used, log in forms present, created and updated date-times

Out of scope domains

All of the other discovery data endpoints include details of in scope assets only. These next two endpoints provide data based on the out of scope domains identified by FractalScan. An overview of how FractalScan determines what is in and out of scope can be found here.

The out of scope domains are also presented as two endpoints. First, a count of the out of scope domains:

Out-of-scope domains count

Second, details of the out of scope domains:

Out-of-scope domain details

As FractalScan doesn’t fully explore the out of scope domains, less data is available for these domains than the in scope ones. When out of scope domains are requested for a scan, a list of the domains and the created and updated date-times are returned.

If you wish to add an out of scope domain into scope using the API, you can use the Add a seed to a scan by ID endpoint: POST /v1/scans/{id}/seeds

Summary report co-branding

For users who wish to share FractalScan results with others, e.g. MSP partners who are running FractalScan for their clients, or those scanning businesses in their supply chain, you can now co-brand the summary report.

You can upload your company logo in the organisation settings.

Co-branded logo upload screen

Once a logo has been uploaded, when you create a new summary report, by default this will be included on the report, but you can choose to opt out of this each time if necessary.

Generate co-branded report summary screen

Once your report has been generated, you will see your logo at the top of each page.

Branded report example

Resolved IPs for CNAMEs

When analysing DNS records for discovered domains, FractalScan will identify CNAME (canonical name) records, which are alias to other domains. They are typically used to map sub-domains to the domain actually hosting content, e.g. ’trebuchet.example.com’ would have a CNAME record to ’trebuchet.me'.

Previously, unless part of a seed domain’s infrastructure, we didn’t follow CNAME DNS records beyond the domain they were pointing to. Following user feedback, we’ve updated the app to follow CNAMEs further. In addition to the IP of the CNAME record, you can also see ASNs, IP ranges and cloud regions, allowing you to see where CNAME domains are hosted.

CNAME information dashboard

As well as on the domains page, this additional data is also reflected in the CSV export and the domains API endpoint.

As we will now be finding additional out-of-scope data related to CNAMEs, we’ve added the number of out-of-scope IPs and domains to the discovery stats widget on the dashboard. These appear under the existing counts, which continue to only include in scope data. We hope this will help you get a better idea of the scale of your attack surface.

Discovery overview widget

This new CNAME discovery data will be available in new scans, rescans or continuously running scans once they’ve been triggered.

Risk remediations in the Risks & Actions report

We’ve added the remediation steps into the risks tab of the Risks & Actions report, in addition to the actions tab. This gives people who don’t have access to the app an extra layer of data to work with.

Coming soon

  • Free FractalScan accounts to try out some of the key features before you buy.
  • Self-service upgrading of your FractalScan plan within the app.
  • Improved mobile user experience.
  • Better visibility of the domain & IP limits that are applied to your account.
About Nicola Chapman
Nicola is the Product Manager for FractalScan Surface, working closely with the Red Maple Technologies engineers to represent our customers' and users' needs. She has over 10 years product management experience building products to help solve real world problems for businesses.
Nicola Chapman

REVIEWS

What our customers think

Haas Automation Logo

Ken Shannon

Haas Automation

"FractalScan Surface is an impressive tool that we use to monitor our external cyber risks and those of our dealers worldwide. We've even used it to perform due diligence security checks on third-party suppliers. I appreciate the easy-to-understand summary views, and my team likes that the daily scans automatically reflect their ongoing risk mitigation efforts. I'd really encourage other companies to use this tool and start tracking their cyber risks."

View The Space

Robin Craib

VTS

"FractalScan's capability to mark domains hosted on shared cloud services gives us the ability to remove risks associated with IP addresses which are not part of our infrastructure, allowing us to focus our resources. The consultancy we've had from the professional services team at Red Maple Technologies confirms the credibility and background of the team building FractalScan. I'm excited to see what's coming next for FractalScan."

Formula 1

CIO

Formula 1

"FractalScan Surface has been great for discovering our online-visible assets and exposures, allowing us to make some immediate improvements to reduce our cyber risk." Daily scanning enables us to keep on top of our external attack surface, which is particularly important to us since we have complex digital content output. FractalScan gives us the view on our data we didn't have."

Capterra Logo

Andy K.

Financial Services

"Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them. We may not be privy to sites or subdomains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned."

Capterra Logo

Tim N.

Information Technology and Services

"What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable."

Capterra Logo

Jason C.

Financial Services

"FractalScan Surface provides a compact and concise overview of vulnerabilities that have been identified on our assets. It is important for teams to be able to understand the issue, prioritise remediation activities and focus on removing vulnerabilities from our estate....this tool enables all of this and has proven to find vulnerabilities that other tools do not."

Capterra Logo

Jack S.

Information Technology and Services

"FractalScan Surface delivers an exceptional experience, principally by enhancing our understanding of customers' digital assets. The platform's intuitive interface facilitates a user-friendly experience that our team appreciates. This, in turn, allows us to proactively identify vulnerabilities and address them before they escalate. We've found the platform to be markedly superior to its market counterparts in terms of capability and efficiency. Integration into our existing business processes was seamless, minimising any potential operational interruptions."