Skip to main content

EASM Hub

Explore Hubs

EASM Hub

Explore comprehensive tools and guidance for EASM Hub.

Popular Articles

Introducing 'Dig Deeper' - AI-Powered Insights for Security Issues

AI-Driven Security ToolsDuration5 min

How We Discover Subdomains and Why It Matters

Scanning & DetectionDuration5 min

How Our EASM Scanning Works - From Domains to Vulnerabilities

Scanning & DetectionDuration4 min

What is External Attack Surface Management (EASM)?

IntroductionDuration5 min
See All EASM Hub Articles

EASM Hub FAQs

Can I ask follow-up questions about vulnerabilities?

Absolutely! The 'Dig Deeper' chat is interactive, allowing you to:

  • Request more details about how a vulnerability works.
  • Ask for additional remediation methods.
  • Clarify attack vectors and potential risks.

This ensures security teams get deeper insights beyond just a vulnerability description.

What is the 'Dig Deeper' chat, and how does it help?

The 'Dig Deeper' AI chat provides instant expert-level insights on detected issues.

  • It explains vulnerabilities in a clear, actionable way.
  • It helps users understand why an issue is risky and how attackers might exploit it.
  • It suggests remediation steps tailored to the asset and issue type.

This allows security teams to quickly grasp risks and respond effectively without deep security expertise.

Does this tool comply with security frameworks like NIST or CIS?

Yes, the EASM tool aligns with frameworks such as NIST, CIS, and ISO 27001 by identifying security gaps in publicly accessible infrastructure. While it does not enforce compliance, it helps security teams detect misconfigurations and vulnerabilities that could impact regulatory requirements.

What sources does the scanner use to find vulnerabilities?

The scanner leverages multiple intelligence sources to detect vulnerabilities, including:

  • Public vulnerability databases (CVE, NVD, MITRE, etc.).
  • Security research feeds and threat intelligence sources.
  • Passive reconnaissance techniques such as OSINT and fingerprinting.

By combining these sources, the scanner provides real-time risk assessments without intrusive scans.

Does the scanner perform active exploitation or just passive mapping?

The scanner performs only passive mapping, meaning it identifies vulnerabilities but does not exploit them.

This approach:

  • Avoids system disruptions while gathering security intelligence.
  • Provides safe, real-world attacker perspectives without breaching legal boundaries.
  • Ensures compliance with ethical scanning practices.

Organizations can use these findings to proactively patch weaknesses before attackers do.

How does the EASM scanner find subdomains?

The scanner discovers subdomains using:

  • DNS enumeration (brute-force, dictionary-based, wildcard resolution).
  • Certificate transparency logs that expose registered subdomains.
  • Passive DNS records and web crawling to identify related assets.

This helps map the full attack surface, including shadow IT and forgotten subdomains.

See All EASM Hub FAQs

On this page