Scan Hosted 3rd party Apps & Services with Aikido

Aikido's surface monitoring mimics an attacker's point of view on your hosted infrastructure. It probes your web-available services for known vulnerabilities, enhancing the security of your digital assets.

What is Surface Monitoring Scanning?

Surface monitoring with Aikido inspects all the externally-facing components of your infrastructure. It focuses on services like your GitLab server, WordPress website, and hosted Confluence server, among others. This approach helps identify vulnerabilities from an attacker's perspective, ensuring robust security.

Overview of Checks Performed

To understand the checks performed by Aikido, visit our checks overview page. Here, you will find a comprehensive list of all the vulnerabilities and misconfigurations that Aikido can detect.

Add a domain to be scanned

Step 1: Navigate to the Domains Overview Page or Domains Settings and select Third party Apps & Services

Step 2: Enter the service URLs of your web-available services in the configuration form. You can specify full paths and subpaths.

Step 3: Select technologies that you want to scan for.

Example on how to select technologies. If your webshop is built in Magento, you can select Magento, PHP and nginx. You can select up to 4 technologies to scan for. If you want to have more information on the checks done for each technology group, visit the checks overview page.

Once you've completed the form. simply start a scan for your this domain. The Surface Monitoring Scanner will then get to work, scanning your software surface for any signs of potential threats and report the issues in your feed. All issues can also be viewed in the domain detail page.