- 1. What does FractalScan Surface do as part of a scan?
- 2. What’s the difference between monitored scans and ad hoc scans?
- 4. Do I need a company’s permission to scan them?
- 5. What is covered by the free trial?
- 6. When and how can I contact the support team?
- 7. Where is my data being stored?
- 8. Which package is the best choice for me?
- 9. How do scan allowances work?
- 10. How can I change my package?
- 11. When do my monthly allowances update?
- 12. What happens if I delete a scan?
1. What does FractalScan Surface do as part of a scan?
Requiring only your high-level domains (yourcompany.com) or IP addresses, FractalScan Surface first queries a range of online sources to discover and enumerate associated online infrastructure and assets, before performing its own in-depth analysis.
FractalScan Surface’s analysis includes non-intrusive (passive) techniques to accurately identify components and risks and help build a complete picture of your attack surface. On the first scan, you will see the state of your company’s infrastructure at that point in time. For monitored scans your will see new risks and any changes over time.
For more information, please read our blog: ‘What is FractalScan Surface?’.
2. What’s the difference between monitored scans and ad hoc scans?
FractalScan Surface has 3 scan types, which types you have available will depend on the package you are on.
Own asset monitoring
This scan type is for continuously monitoring your company’s online assets. These scans are refreshed every day, meaning new assets on your attack surface and new risks are found straight away, allowing you to keep ahead of potential hackers.
This scan type is for monitoring third-parties associated with your business. This could be your vendors, partners, sister companies or customers. These scans are run less frequently than when monitoring your own assets, usually weekly.
This scan type is for carrying out one off scans of companies. For example, when carrying out due diligence on potential new vendors or partners you can get a snapshot of their attack surface. This will help you to understand how seriously they take cyber security. If you’re on the Premium or Enterprise packages, your ad hoc scan allowances will update monthly.
4. Do I need a company’s permission to scan them?
No. FractalScan Surface uses passive scanning techniques, meaning it’s compliant with the Computer Misuse Act and you don’t need a company’s permission to scan them.
5. What is covered by the free trial?
Our free trial aims to give you a taste of what using FractalScan Surface could really be like for you and your business. You can monitor the attack surface of one or more of your domains for 14 days and explore the full data in your results. This includes remediation advice for any risks we find and generating a summary report that you can download & keep.
Ultimately, we want to you to get the most out of your trial, so if there’s another domain you’d like to scan, or you want to try it for a bit longer than 14 days, get in touch and we can help.
6. When and how can I contact the support team?
Our support team is based in the UK and is available 8am – 6pm Monday – Friday. The best way to get in touch is by emailing firstname.lastname@example.org or using the in app Contact Us option. If you are a Enterprise customer, you will have your own dedicated account manager assigned who will be your first point of contact for any support you need.
7. Where is my data being stored?
FractalScan Surface is built & supported by a team based in Cheltenham, UK. All data is stored in the UK.
8. Which package is the best choice for me?
There are 3 standard packages for FractalScan Surface: Essential, Premium & Enterprise. These packages scale with your business and mean there is an affordable option to meet every business’ needs.
- The Essential package supports small-medium businesses in monitoring their own attack surface.
- The Premium package supports businesses in starting to understand and monitor the key third-parties in their supply chain.
- The Enterprise package allows a business to get full visibility of their whole attack surface, including their third-party supply chain. This package scales with the size of your business to ensure the price is suitable for businesses of any size. Please see our pricing page for more details of these packages.
If none of these standard packages quite fit your needs, please get in touch and we would be happy to provide a bespoke quote for you.
9. How do scan allowances work?
You can have a different allowance per scan type. For monitored scans (own asset & third-party) the allowance determines how many scans of each type you can have.
For ad hoc scans the allowance is usually monthly, and determines the number of one off scans you can run each month. Monthly is the standard frequency we use for ad hoc scans in our Premium & Enterprise packages but if you are on a bespoke package this frequency can be adjusted to suit your needs.
Your remaining allowances for each scan type can be seen in FractalScan Surface when you create a new scan, or by visiting your organisation’s usage page
10. How can I change my package?
You can change your package at any time by emailing email@example.com.
11. When do my monthly allowances update?
First of the month.
12. What happens if I delete a scan?
When you delete a scan, it is soft deleted for 30 days. This means you can un-delete it at any time during this period and get the full details & history of the scan back. Note if the scan is for own asset monitoring or third-party monitoring, the scan will not be run during the period it is in the soft deleted state. When the 30 day period has elapsed, the scan is fully deleted and your scan allowance will increase by 1 for the relevant scan type.
What our customers think
"FractalScan Surface is an impressive tool that we use to monitor our external cyber risks and those of our dealers worldwide. We've even used it to perform due diligence security checks on third-party suppliers. I appreciate the easy-to-understand summary views, and my team likes that the daily scans automatically reflect their ongoing risk mitigation efforts. I'd really encourage other companies to use this tool and start tracking their cyber risks."
"FractalScan's capability to mark domains hosted on shared cloud services gives us the ability to remove risks associated with IP addresses which are not part of our infrastructure, allowing us to focus our resources. The consultancy we've had from the professional services team at Red Maple Technologies confirms the credibility and background of the team building FractalScan. I'm excited to see what's coming next for FractalScan."
"FractalScan Surface has been great for discovering our online-visible assets and exposures, allowing us to make some immediate improvements to reduce our cyber risk." Daily scanning enables us to keep on top of our external attack surface, which is particularly important to us since we have complex digital content output. FractalScan gives us the view on our data we didn't have."
"Simplicity - give it a domain and it will find out what it can about subdomains, related domains and any issues it identifies with them. We may not be privy to sites or subdomains other parts of the business may implement. FractalScan gives us a discovery tool to identify previously unknown public infrastructure, we can reduce our external attack surface by identifying and resolving issues and getting "old" public infrastructure decommissioned."
Information Technology and Services
"What I appreciate the most about FractalScan is the level of accuracy this platform provides while maintaining a passive approach to data collection. As someone who works in technical sales and consulting, I have a lot of clients working with products in this space. The common problem is the overwhelming amount of results and the operational overhead required to make those results actionable. FractalScan's unique solution provides results that are immediately accurate and actionable."
"FractalScan Surface provides a compact and concise overview of vulnerabilities that have been identified on our assets. It is important for teams to be able to understand the issue, prioritise remediation activities and focus on removing vulnerabilities from our estate....this tool enables all of this and has proven to find vulnerabilities that other tools do not."
Information Technology and Services
"FractalScan Surface delivers an exceptional experience, principally by enhancing our understanding of customers' digital assets. The platform's intuitive interface facilitates a user-friendly experience that our team appreciates. This, in turn, allows us to proactively identify vulnerabilities and address them before they escalate. We've found the platform to be markedly superior to its market counterparts in terms of capability and efficiency. Integration into our existing business processes was seamless, minimising any potential operational interruptions."