Managing Discovery Service in Acunetix 360
The Discovered Websites page displays and lets you manage all websites Acunetix 360 has discovered:
- This page operates like a To-Do list. It is highly recommended that you keep on top of this list, and process discovered items, by creating or excluding each discovered website every time you log in.
- You can filter results in each of the columns.
Tips The Status column's default filter is set to New so that newly discovered websites are displayed. |
This topic explains how to manage the Discovery Service in Acunetix 360. For further information on the Discovery Service, see Application and Service Discovery. Creating or blacklisting websites identified by the discovery service? See Creating websites via Discovery Service.
Discovered Websites fields
This table lists and explains the panels on the Discovered Websites page.
Field | Description |
Authority | This is the hostname or IP address and port number for a server. For example, in http://example.com:81/, example.com:81 is the authority. |
IP Address | This is the IP address of the website. |
Port | This is the port number of the web asset. |
EC2 Instance ID | This is the EC2 Instance ID. |
Creation Date | This is the creation date of the asset. |
Platform | This is the platform, such as Windows, that your web asset is on. |
Organization Name | This is the name of the organization that is registered as the owner of the website. |
Status | This is the status of the website. The options are:
|
Discovered Date | This column displays when Acunetix 360 first discovered your web asset. You can filter results based on the date range. |
Tags | This column displays the tags you added to the discovered website. For further information, see Tagging discovered websites in Acunetix 360. |
Filtering discovered websites
Column filters
All columns can be filtered, using a highly customizable combination of Fields, Operators, and Values. Each is explained below. This is useful for teams that manage the security of many websites.
Filters & Values
This table lists the filters and values available for the columns listed above. Select an option to filter the list by that criterion.
- In many cases, values can be entered into the value field; in others, the value can be selected from a drop-down menu.
- You can enter more than one filter at a time.
Authority | Select to filter by the authority. | Enter a value. |
IP Address | Select to filter by the IP Address. | Enter a value. |
Port | Select to filter by port numbers. | Enter a value. |
EC2 Instance ID | Select to filter by the EC2 Instance ID. | Enter a value. |
Creation Date | Select to filter by the creation date. | Select a date. |
Platform | Select to filter by the platform. | Enter a value. |
Organization Name | Select to filter by the organization name. | Enter a value. |
Status | Select to filter by the status. The Status column's default filter is set to New | The drop-down options are:
|
Distance | Select to filter by distance. | Enter a value. The options are: 0 and 1.
|
Registered Domain? | Select to filter by registered domain. | The drop-down options are:
|
Discovered Date | Select to filter by date. | Select a date. |
Operator
This table lists and explains the Operators available for filtering columns. They work in conjunction with the Field, Operator, and Value.
Operator | Description |
Equal | This operator can be used for exact matching. For example, if you filtered by the Target URL http://www.example.com/, the filtered list of results would not also list http://api.example.com. |
Not Equal | This operator can be used to exclude some results based on exactly matching. For example, if you filtered by the Target URL of http://www.example.com/, the filtered list of results would exclude scans for that one. |
Contains | This operator can be used to include results if the filtered column contains the value. It does not matter where the value is. For example, you could filter for the word 'production'. |
Not Contains | This operator can be used to exclude certain results on the Websites page. |
Starts with | This operator can be used to filter for columns that begin with the value. For example, you could filter for Website fields that begin with the 'https://' scheme. |
Ends with | This operator can be used to filter for columns that end with the value. For example, you could filter for Website Name fields ending with 'Staging'. |
Less than | This operator can be used to filter columns that contain numeric values rather than string values. |
Less than or equal | This operator can be used to filter columns that contain numeric values rather than string values. |
Greater than or equal | This operator can be used to filter columns that contain numeric values rather than string values. |
Greater than | This operator can be used to filter columns that contain numeric values rather than string values. |
Filtering discovered websites
Filters enable you to find discovered websites that match given criteria.
How to filter your list of discovered websites
- In the Discovered Websites window, select the filter button ( ) next to any column header.
- Select to clear all fields.
- Add a new filter if necessary (see How to add a new filter).
- In the relevant field, where relevant:
- From the Field drop-down, select an option
- From the Operator drop-down, select an option
- In the Value field, enter a value
- Select Apply. The list is filtered by the selected criteria.
How to add a new filter
How to filter using faceted search
You can also filter the list of Discovered Websites using a faceted search. Select the number next to the IP Address, Second Level Domain, Top Level Domain, or Organization Name in any row to filter on that criteria.
The list will display only websites that fit the criteria you've clicked on.
Configuring Service Discovery settings
On this page, you can configure the settings that determine how the discovered websites list searches for online resources.
The discovery process uses specific parameters to suggest websites:
- IP Address or IP Range
- Second Level Domain (SLD)
- Top-Level Domain (TLD)
- Organization Name
You can extend or narrow the results using these parameters, for example:
- You can select to detect all websites that have SLD acunetix
- You can select to detect all websites that have TLD .gov
The Service Discovery settings page has eight tabs. Each is outlined as the following:
Match Settings
This table lists and explains the sections in the Match Settings tab. They are all enabled by default.
Setting | Description |
Email Matching | Enable to use your account's email address second level domain as a matching option. |
Website Matching | Enable to use your added website's second level domain as a matching option. The website matching option has a limit of 32 websites. |
Only Registered Domains | Enable to exclude web services that do not have a publicly available DNS record. |
Reverse IP Lookup | Enable to take the IP address pointing to a web server and search for other sites known to be hosted on the same web server. |
Organization Name Matching | Enable to conduct another scan via the Organization Names extracted from the result set’s TLS certificates. |
Second Level Domains
This tab lists the addresses that are below the top-level domains. A second-level domain is a domain that is directly below a top-level domain (TLD). For example, in example.com, 'example' is the second-level domain of the .com TLD.
Organizations
This tab lists the organization name (listed in the certificate's organization name fields or website's copyright section) for each website or service that you want included in your Discovered Websites list.
IP Addresses
This tab lists the IP addresses for each website or service that you want included in your Discovered Websites list.
Excluded Second Level Domains
This tab lists the second-level domains for each website or service that you want excluded from your Discovered Websites list.
Excluded Top Level Domains
This tab lists the top-level domains for each website or service that you want excluded from your Discovered Websites list. The TLD refers to the last segment of a domain name, or the part that follows immediately after the dot(.) symbol.
Excluded Organizational Names
This tab lists the name of the organizations whose websites should be excluded from the service.
Excluded IP Addresses
This tab lists the IP Addresses whose websites you would like excluded from the Discovered Websites list.
How to configure the Service Discovery settings
- Log in to Acunetix 360.
- From the main menu, select Discovery > Settings.
- Configure the settings as explained in the table above.
- Select Save & Recrawl.