Client Selection
- Make sure you are under the correct Client Context before launching scans or reviewing results. On the top left of the dashboard, there is a dropdown to select the client.
- The "Prospecting Account" is the default account. It is intended to be used for one-time scans of prospective clients. When under this context, you will notice that you will need to manually enter more information about the client when creating reports and that some features like the MS365 scan are disabled.
Launching Scans
- To launch a scan, select the appropriate scan type on the left-hand menu. This will bring up the scan dashboard for that scan type.
- Prospector Scan - This is a full attack surface and OSINT scan. The details of how the scan works can be found here.
- Vulnerability Scan - This is a targeted vulnerability scan. This is best used for known IP addresses and URLs.
- MS365 Scan - This module is designed to quickly evaluate the security posture of an MS365 Tenant.
Prospector Scans
- To perform a prospector scan, enter a domain name and click "Launch Scan". NOTE: known addresses that may not be discovered, such as a public firewall IP, can be added after a comma. Example: "scanme.org, 72.38.145.15"
- Scans typically take 3-5 minutes but may take longer for targets with a large online footprint, since all found subdomains will be scanned for vulnerabilities.
- You can navigate away from the dashboard after starting the scan; notifications will appear in the notification area on the left-hand side of the application. There is no need to sit and watch the grass grow, the scan will run in the background!
- Once a scan is complete, it will be added to the results dashboard.
- Results: You can review results by clicking the split dropdown on the Prospector Scan button and selecting "View Results". This will open the results dashboard, where you can see and select the scan you want to review.
Vulnerability Scans
- To perform a vulnerability scan, enter targets separated by commas and click "Launch Scan". Example: "72.22.123.10, app.something.com", etc.
- Scans typically take 1-5 minutes but may take longer for longer target lists.
- You can navigate away from the dashboard after starting the scan; notifications will appear in the notification area on the left-hand side of the application. There is no need to sit and watch the grass grow, the scan will run in the background!
- Once a scan is complete, it will be added to the results dashboard.
- Results: You can review results by clicking the split dropdown on the Vulnerability Scan button and selecting "View Results". This will open the results dashboard, where you can see and select the scan you want to review.
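Both the Prospector and Vulnerability scan fields take a comma-separated target string. The following pre-flight check is an added example, not part of the product: it splits such a string, classifies each entry, and flags entries worth reviewing before launch. The function names are hypothetical, and it assumes the scanner probes from the internet, so addresses that are not publicly routable are flagged.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# ASCII hostname: dot-separated labels ending in an alphabetic TLD.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)

def classify(entry):
    """Return (kind, note) for a single target entry."""
    kind, host = None, entry
    try:
        if "://" in entry:
            # For URLs, validate the host part only.
            kind, host = "url", urlsplit(entry).hostname or ""
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal (or a malformed URL): fall back to hostname check.
        if HOSTNAME_RE.match(host.lower()):
            return (kind or "hostname", "ok")
        return ("invalid", "not an IP address, hostname or URL")
    if not ip.is_global:
        # Assumption: an internet-based scanner cannot reach these.
        return (kind or "ip", "not publicly routable")
    return (kind or "ip", "ok")

def parse_targets(raw):
    """Split a comma-separated target string; report each unique entry once."""
    seen, results = set(), []
    for entry in (part.strip() for part in raw.split(",")):
        if not entry or entry.lower() in seen:
            continue
        seen.add(entry.lower())
        results.append((entry, *classify(entry)))
    return results

if __name__ == "__main__":
    # Constructed input; the first two entries are the example from the article.
    sample = ("scanme.org, 72.38.145.15, 10.0.0.5, "
              "https://app.something.com/login, etc, scanme.org")
    for target, kind, note in parse_targets(sample):
        print(f"{target:34} {kind:9} {note}")
```

Entries reported as "invalid" or "not publicly routable" are usually typos or internal addresses pasted by mistake, and are worth correcting before the scan is launched under a client context.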
MS365 Scans
- To perform a scan, click on "Start an MS365 Cloud Security Scan".
- Once clicked, you will be prompted to authenticate to Microsoft.
- If this is the first scan for a tenant, you will be prompted for application approval. NOTE: this requires administrator rights in the tenant.
- Once a scan is started, you will be redirected back to the application. Scans typically take less than a minute.
- Results: You can review results by clicking the split dropdown on the MS365 Cloud Scan button and selecting "View Results". This will open the results dashboard, where you can see and select the scan you want to review.