External

On this page, you can manage the external infrastructure of the selected customer, add targets, and start external checks. In the overview table, you can add or remove individual targets from the test scope, set the asset value of a specific target, and define targets as "managed" or "unmanaged." By clicking the "Configuration" button at the top right, you can also configure ongoing external checks.

Target Overview

Here you'll find a table listing all external targets for a customer. The table shows the following info about a target:

• Whether the target is included in the test scope

• Name of the target

• Target type

• Managed Services status

• Asset value

• Date of the last check

On the left side of each row, there are checkboxes you can use to select several targets. Then you can run actions via the bulk action menu. On the right side of each row, you'll find a three-dot menu you can use to remove the target, for example.

Lywand categorizes external targets into domains, IP addresses and email addresses. You can add external targets by clicking the plus button in the top right corner. It's also possible to specify multiple targets at once by separating them with a space, line break, or comma.

For targets to be checked in the external check, they have to be in the scope. If you want to remove already added targets from the scope, you can do so in the table. Targets that are not in the scope won't be considered in the external check.

In the target overview, you can also set the asset value of a target and define it as "managed" or "unmanaged." The managed services status relates to the Managed Services view. The asset value sets how much weight the target has in the customer's risk assessment.

Add external targets

Click the “Add targets” button in the top right to open a pop-up where you can add external targets like domains, IPs, or email addresses.

When adding a domain, an automatic discovery of available (sub-)domains happens. To do this, several specialized open-source tools like Subfinder and Puredns are used, which pull from lots of public sources (e.g., AlienVault, crtsh, ThreatCrowd, Wayback Machine) to find well-known but also “hidden” domains – meaning ones you can’t find through search engines. Only DNS-resolvable domains are listed.

Additionally, another crawler scans the available websites to find valid email addresses for the domains you entered (like from imprint pages, contact forms, etc.).

If matching targets are found, they’ll show up automatically in the target overview shortly after. This discovery process runs once a week and there are no extra costs for it.

If you manually add external targets, they’ll be included in the scan scope right away. (Sub-)domains found through discovery are not added to the scan scope automatically.

External checks configuration

By clicking the “Configuration” button at the top right, you’ll get to the configuration page. Here you can start external checks for your in-scope targets and set up ongoing external checks.

Ongoing external checks

If this option is turned on, ongoing external checks will run automatically and on a regular basis. You can change the interval, weekday, and time whenever you want, and you can also turn the ongoing checks off or on as needed.

Manual external checks

External checks can be started manually any time with a click on the appropriate button and check all targets that are in scope. A counter keeps track of the checks already done this month.

The security check is run via the IP addresses 52.58.126.186, 18.158.3.134 and 3.74.19.219. To get complete results, these shouldn't be blocked by IPS systems.

Keep in mind that running external checks comes with a cost. For more info on our price list, please contact your distributor.