Scan Front-End App domains with Aikido
Aikido's surface monitoring watches your app's public attack surface by probing your domain names for weaknesses.
What is Surface Monitoring Scanning?
Surface monitoring, sometimes better known as Dynamic Application Security Testing (DAST) inspects all the externally-facing components of your software, including the application programming interfaces (APIs), web pages, data transfer protocols, libraries and external resources used and other user-facing features.
Overview of checks performed
To see the checks performed by the Surface Monitoring Scanner, visit our checks overview page. Here, you'll find a detailed list of all the checks performed during the scan. Aikido will only perform safe, non-destructive automated test (eg no automated SQL injection attempts,..).
Overview of libraries detected
To see a list of all libraries detected by Surface Monitoring Scanner visit the Resources tab for a specific domain. You will find the library, version, date and time of detection and url for each detected resource. When CVE's are found for actively used resources, they will be added to your feed like other vulnerabilities.
Add a domain to be scanned with Aikido
Step 1: Navigate to the Domains Overview Page or Domains Settings and select Front-End App
Step 2: Fill in the service URL for the repositories which have public-facing domains by filling out the configuration form. You can specify full paths.
Step 3: Optional: link your domain to a repository or domain
Step 4: Optional: set the sensitivity of the data