ShadowTrackr


Using suggestions

While scanning and gathering information on the assets you enter, ShadowTrackr will find related assets. This is by design and helps to create an overview of your attack surface. Some of these assets are yours and some are not. This is not always obvious, and you should know how ShadowTrackr handles it before you start accepting suggested assets.

Automatically added assets

There are quite a few ways to find related assets, and fortunately some relations are so strong that we can assume it's your asset. Imagine that you have added the pay level domain shadowtrackr.com as an asset. Any subdomain, like twilightsparkle.shadowtrackr.com, will very likely be relevant to you. Another example is an IP address that is within a subnet you have defined as an asset. In these cases the assets will automatically be added to your account. There will be messages about this on your timeline, so you know exactly what was found and from what moment we track that asset. There is also an overview of new assets in the weekly report that you receive by email.

Suggestions

In some cases, it's not so easy to determine if a related URL or IP address should be added as an asset. The most common case is when we find a website you have added as an asset on a server that hosts multiple websites. It could be that you manage that server, in which case it should be added along with the other websites running on it. It could also be that your website runs on shared hosting and the hosting provider manages the server. You might want to monitor the IP of this server, but you do not want to expand to monitoring other servers at the same hosting provider (which happens if you add the domain name of that hosting provider). If it's an AWS instance, you could end up having all of Amazon added to your assets, and your timeline would be so crowded with other people's messages that you would not notice the ones important to you.

The person in the best position to judge if an asset should be added is you, and this is why all related items that are not clearly yours will be presented to you as suggestions.
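The split between automatically added assets and suggestions described above can be sketched as follows. This is an added example, not ShadowTrackr's own code: the function names, the 192.0.2.0/24 subnet and the candidate list are constructed assumptions.

```python
import ipaddress

def classify(candidate, owned_domains, owned_subnets):
    """Return 'auto-add' for a strong relation to an owned asset, else 'suggestion'."""
    try:
        ip = ipaddress.ip_address(candidate)
    except ValueError:
        ip = None  # not an IP literal, treat as a hostname

    if ip is not None:
        for net in owned_subnets:
            network = ipaddress.ip_network(net)
            if ip.version == network.version and ip in network:
                return "auto-add"
        return "suggestion"

    host = candidate.lower().rstrip(".")
    for domain in owned_domains:
        domain = domain.lower().rstrip(".")
        # Compare on a label boundary: a plain suffix test would wrongly
        # accept "notshadowtrackr.com" as belonging to "shadowtrackr.com".
        if host == domain or host.endswith("." + domain):
            return "auto-add"
    return "suggestion"

def triage(candidates, owned_domains, owned_subnets):
    """Group discovered assets by how they should be handled."""
    result = {"auto-add": [], "suggestion": []}
    for c in candidates:
        result[classify(c, owned_domains, owned_subnets)].append(c)
    return result

# Constructed sample data (192.0.2.0/24 and 198.51.100.0/24 are documentation ranges).
OWNED_DOMAINS = ["shadowtrackr.com"]
OWNED_SUBNETS = ["192.0.2.0/24"]
FOUND = [
    "twilightsparkle.shadowtrackr.com",  # subdomain of an owned domain
    "192.0.2.17",                        # inside an owned subnet
    "198.51.100.5",                      # shared-hosting server IP
    "notshadowtrackr.com",               # look-alike, not a subdomain
    "shadowtrackr.com.hosting.example",  # owned name used as a prefix
]

if __name__ == "__main__":
    for bucket, items in triage(FOUND, OWNED_DOMAINS, OWNED_SUBNETS).items():
        print(bucket, items)
```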

Accepting and rejecting suggestions

You should carefully check suggestions. Do not add them blindly. To help you decide whether to add a suggestion, the asset through which it was found is shown. If it's obvious that a URL or IP address is yours, go ahead and add it. If it does not ring a bell, you should investigate first. Google it. If you find a subdomain, check the pay level domain as well. Often it's obvious from the website when the domain is that of a hosting provider.

If you're still in doubt about what to do, then mail support and we'll help you figure it out. The same goes if you accidentally added something you shouldn't have and are now tracking thousands of assets. Mail support and we'll help you clean it up.
