Application & Service Discovery Service

This feature enables you to become aware of your enterprise's online collateral, web applications and services. This enables you to conduct a comprehensive security audit and better secure your online presence, continually reducing security threats.

This service works independently from our Acunetix 360 product, and already has hundreds of millions of services on its database. It continually scans the entire internet.

  • As soon as you register with Acunetix 360, the system begins the discovery process with your commercial email, immediately suggesting websites that might also belong to you.
  • Once you start adding websites, the system makes new suggestions based on those websites.
  • Acunetix 360 analyzes your configuration and data, then suggesting further websites that might also belong to you.

The Discovered Websites window displays and enables you to manage all websites Acunetix 360 has discovered:

  • You can filter results in each of the columns. Basic operations like ignore, create website and blacklist, for some parameters, can be achieved here as well.
  • The Status column's default filter is set to New, so that newly discovered websites are displayed. This window then operates like a To Do list. We recommend that you keep on top of this list, and process discovered items, by creating or excluding each discovered website every time you log in.

All users with Manage Websites permission can view Discovered Websites and configure Service Discovery Settings.

Discovered Websites Fields

This table lists and explains the panels in the Discovered Websites window.

Field

Description

Authority

This is the hostname or IP address and port number for a server. For example, in http://example.com:81/, example.com:81 is the authority.  

IP Address

This is the IP address of the website.

Top Level Domain

The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot(.) symbol. For example, in the domain name www.example.com, the top-level domain is 'com'. TLDs are mainly classified into two categories: generic TLDs and country-specific TLDs. Examples of some of the popular TLDs include: .com, .org, .net, .gov, .biz and .edu.

Second Level Domain

A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.

Organizational Name

This is the name of the organization that is registered as the owner of the website.

Status

This is the status of the website. The options are:

  • New: This indicates websites that have just been discovered
  • Ignored: This indicates websites that you've ignored
  • Created: This indicates websites that you've created

Filtering

Filters enable you to find discovered websites that match given criteria.

How to Filter Your List of Discovered Websites
  1. In the Discovered Websites window, click the filter button (  ) next to any column header. The filter dialog is displayed.

  1. Click to clear all fields.
  2. Add a New Filter if necessary (see How to Add a New Filter).
  3. In the relevant field, where relevant:
  • From the FIELD dropdown, select an option
  • From the OPERATOR dropdown, select an option
  • In the VALUE field, enter a value
  1. Click Apply. The list is filtered by the selected criteria.
How to Add a New Filter
  1. In the Discovered Websites window, click the filter button ( ) above the Discovered Websites field next to any column header. The filter dialog is displayed.
  2. In the filter dialog, click New Filter. A new row is displayed.
  3. Configure as required.
How to Filter Using Faceted Search

You can also filter the list of Discovered Websites using a faceted search. Click the number next to the IP Address, Second Level Domain, Top Level Domain or Organization Name in any row to filter on that criteria.

The list will display only websites that fit the criteria you've clicked on.

Service Discovery Settings

In this window, you can configure the settings that determine how the Discovered Websites list searches for online resources.

The discovery process uses specific parameters to suggest websites:

  1. IP Address or IP Range
  2. Second Level Domain (SLD)
  3. Top Level Domain (TLD)
  4. Organization Name

You can extend or narrow the results using these parameters, for example:

  • You can select to detect all websites that have SLD acunetix
  • You can select to detect all websites that have TLD .gov

The Service Discovery Settings window has eight tabs. Each is outlined below.

Match Settings

This table lists and explains the sections in the Match Settings tab. They are all enabled by default.

Setting

Description

Email Matching

Enable to use your account's email address second level domain as a matching option.

Website Matching

Enable to use your added website's second level domain as a matching option. The website matching option has a limit of 32 websites.

Only Registered Domains

Enable to exclude web services that do not have a publicly available DNS record.

Reverse IP Lookup

Enable to take the IP address pointing to a web server and search for other sites known to be hosted on the same web server.

Organization Name Matching

Enable to conduct another scan via the Organization Names extracted from the result set’s TLS certificates.

Second Level Domains

This tab lists the addresses that are below the top-level domains. A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.

Organizations

This tab lists the organization name (listed in the certificate's organization name fields or website's copyright section) for each website or service that you want included in your Discovered Websites list.

IP Addresses

This tab lists the IP addresses for each website or service that you want included in your Discovered Websites list.

Excluded Second Level Domains

This tab lists the second-level domains for each website or service that you want excluded from your Discovered Websites list.

Excluded Top Level Domains

This tab lists the top-level domains for each website or service that you want excluded from your Discovered Websites list. The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot(.) symbol.

Excluded Organizational Names

This tab lists the name of the organizations whose websites should be excluded from the service.

Excluded IP Addresses

This tab lists the IP Addresses whose websites you would like excluded from the Discovered Websites list.

How to Configure Service Discovery Settings
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Settings. The Application and Service Service Discovery Settings window is displayed.

  1. Configure the settings as explained in the table above.
  2. Click Save & Recrawl.

Creating Websites

Customers can create (import into Acunetix 360) a website or multiple websites from the list of Discovered Websites.

For further information, see Importing Websites in Acunetix 360.

How to Create a Website
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Discovered Websites. The Discovered Websites window is displayed.

  1. Select the relevant websites, and click Create. The Import Websites window is displayed.

  1. Complete the fields as explained in Importing Websites in Acunetix 360.
  2. Click Save.
How to Create Multiple Websites
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Discovered Websites. The Discovered Websites window is displayed.

  1. Click the Create dropdown, and click Create [#] Services. The Import Websites window is displayed.

  1. Complete the fields as explained in Importing Websites in Acunetix 360.
  2. Click Save.

Excluding Discovered Websites

You can exclude or ignore websites in this list, because they are redundant or duplicates. This will remove these items from the list, and they will not get discovered a second time.

How to Exclude a Discovered Website
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Discovered Websites. The Discovered Websites window is displayed.

  1. Select the checkbox(es) of the website(s) that you want to exclude.
  2. In the same row, click Ignore, then Mark Service as Ignored.
How to Exclude All Discovered Websites
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Discovered Websites.

  1. Select the checkbox to the left of the column headers to select all websites.
  2. Click the Ignore dropdown at the top of the window.
  3. Select Ignore [#] Services.

Blacklisting Discovered Websites

You can blacklist discovered websites based on certain criteria. This means that websites that meet the criteria, such as an IP address, will be excluded from the list.

Option

Description

Blacklist IP Address

Select to exclude all websites and services with this IP address.

Blacklist Second Level Domain

Select to exclude all websites and services with this second level domain.

Blacklist Top Level Domain

Select to exclude all websites and services with this top level domain.

Blacklist Organization

Select to exclude all websites and services with this organization.

How to Blacklist a Discovered Website
  1. Log in to Acunetix 360.
  2. From the main menu, click Discovery, then Discovered Websites. The Discovered Websites window is displayed.
  3. Next to the relevant website, click the Ignore dropdown.
  4. Select an option. A confirmation dialog is displayed.
  5. Click Yes, Exclude.

 

« Back to the Acunetix Support Page