Product Features Details
| Modules | Features | Sub Features | ESSENTIAL | BUSINESS | ULTIMATE-FLEX | Overview & Feature Description |
|---|---|---|---|---|---|---|
| Discovery & Monitoring | Scan Period | - | Monthly | Weekly | Daily | - |
| Continuous Digital Asset Discovery & Monitoring | - |  |
|
|
Continuously scans the internet and internal environments to detect new digital assets, such as subdomains, IPs, domains, and cloud instances. This feature provides real-time visibility into changes and additions to the organization's digital footprint, ensuring no asset goes unnoticed and reducing the risk of unmanaged exposures.
|
|
| Asset Discovery Path & History | - | |
|
|
Tracks the discovery process of each asset and maintains a detailed history, allowing users to visualize how assets were discovered and the timeline of changes. This enables organizations to understand the evolution of their attack surface and analyze patterns or trends in asset exposure.
|
|
| Asset Inventory and Management | - | |
|
|
Provides a centralized repository for managing all discovered assets. Users can categorize, tag, and prioritize assets, ensuring that every element of the digital environment is accounted for and properly managed. This helps in resource allocation and targeted security efforts.
|
|
| Technology and Service Identification | - | |
|
|
Identifies the technologies and services used across discovered digital assets, including web servers, frameworks, and cloud services. This feature aids in understanding the tech stack of each asset, making it easier to assess potential vulnerabilities and apply relevant security controls.
|
|
| Risk Prioritization and Scoring | - | |
|
|
Automatically assesses discovered assets for potential risks and assigns scores based on their severity. This helps security teams prioritize remediation efforts, focusing on the most critical vulnerabilities and exposures that pose the greatest risk to the organization.
|
|
| Alerting and Notification | - | |
|
|
Generates alerts for changes in the digital footprint, newly identified risks, and other critical events. Users receive notifications through preferred channels, ensuring that they are immediately aware of any potential threats or changes in their environment.
|
|
| Customizable Alarm Management | - | |
|
|
Allows users to define custom alarm criteria based on asset sensitivity, risk thresholds, and other parameters. This ensures that alerts are relevant and aligned with the organization's security priorities, reducing noise and focusing on critical incidents.
|
|
| Code Repository Monitoring | - | |
|
|
Monitors code repositories for exposed credentials, API keys, and other sensitive data. This feature helps organizations prevent accidental leaks and ensure that their codebases remain secure, reducing the risk of unauthorized access.
|
|
| Cloud Storage Monitoring | - | |
|
|
Continuously monitors cloud storage services for misconfigurations, such as public access settings or unsecured files. This feature ensures that sensitive data stored in cloud environments remains protected and compliant with security policies.
|
|
| Mobile Application Monitoring/Analysis | - | - | - | |
Analyzes mobile applications for potential vulnerabilities, security issues, and compliance risks. This feature helps organizations secure their mobile apps and protect user data, ensuring a secure mobile experience for their customers.
|
|
| Visual Attack Surface Mapping | - | |
|
|
Provides a graphical representation of the organization's digital attack surface, allowing users to visualize the relationships and connections between assets. This makes it easier to understand the overall security landscape and identify potential points of exposure.
|
|
| Legitimate Social Account Monitoring | - | |
|
|
Monitors official social media accounts for impersonation attempts, unauthorized changes, or other security risks. This helps protect brand reputation and ensures that customers can trust communications from verified accounts.
|
|
| SSL Certificate Analysis | - | |
|
|
Analyzes SSL/TLS certificates across digital assets to ensure they are valid, up-to-date, and properly configured. This feature helps organizations prevent issues like expired certificates or weak encryption, ensuring secure communication.
|
|
| Website Uptime/IPS Monitoring | - | |
|
|
Continuously monitors websites for uptime and potential IPS (Intrusion Prevention System) alerts, ensuring that web applications remain available and protected against potential attacks. This helps maintain service reliability and user trust.
|
|
| On Demand Port Scanning | - | |
|
|
Allows users to perform targeted scans of specific ports on-demand to identify open access points and potential vulnerabilities. This feature provides deeper insights into network exposure and helps in securing external-facing services.
|
|
| On Demand SSL Certificate Analysis | - | |
|
|
Enables users to perform SSL certificate checks on-demand, ensuring certificates are configured correctly and meet security standards. This feature is ideal for ad-hoc assessments and quick validation of SSL/TLS configurations.
|
|
| Third Party Domain Monitoring | - | |
|
|
Tracks domains managed by third parties to ensure they adhere to security standards and remain free of vulnerabilities. This helps organizations maintain oversight over external partners and mitigate risks that could impact their security posture.
|
|
| DNS Monitoring | - | |
|
|
Monitors DNS records for unauthorized changes or misconfigurations, helping to protect against domain hijacking and DNS-based attacks. This feature ensures the integrity of domain name configurations and prevents service disruptions.
|
|
| Security Misconfiguration | ||||||
| Information Disclosure Issues | - | |
|
|
Identifies instances where sensitive information, such as credentials or configuration files, is exposed through web servers, APIs, or other services. This feature helps prevent data leaks that could be exploited by attackers.
|
|
| Mail Security Issues | - | |
|
|
Monitors mail servers for misconfigurations and security risks, such as open relays or weak encryption settings. This helps ensure the confidentiality and integrity of email communications.
|
|
| DNS Security Issues | - | |
|
|
Identifies vulnerabilities and misconfigurations in DNS settings, helping to secure domain names against hijacking and other DNS-related attacks.
|
|
| SSL Security Issues | - | |
|
|
Assesses SSL/TLS configurations for weak protocols, outdated encryption methods, and potential vulnerabilities. This feature ensures that encrypted connections remain secure.
|
|
| Mobile Application Issues | - | - | - | |
Analyzes mobile apps for security issues, such as insecure data storage or improper permissions, helping to secure applications and protect user data.
|
|
| Website Security Issues | - | |
|
|
Scans websites for common security issues, including XSS, SQL injection, and security misconfigurations. This helps organizations maintain secure web applications and prevent exploitation.
|
|
| Cloud Security Issues | - | |
|
|
Identifies security risks in cloud environments, such as improper access controls or unencrypted storage. This feature helps secure cloud resources and prevent unauthorized access.
|
|
| External Network Security Monitoring | - | |
|
|
Monitors external network infrastructure for misconfigurations, open ports, and other risks. This feature helps organizations secure their network perimeter and prevent external attacks.
|
|
| Vulnerability Assessment | ||||||
| Mobile Application Assessment | - | - | - | |
Evaluates mobile apps for known vulnerabilities and security issues, providing detailed insights and recommendations for improving app security. This helps protect user data and secure mobile applications.
|
|
| Passive Vulnerability Scanning | - | |
|
|
Based Internet Wide Scanners Data
|
|
| Active Vulnerability Scanning | Periodic Scan | - | - | |
Monthly - The Periodic Scan feature allows organizations to schedule regular vulnerability scans of their assets. It helps to identify new vulnerabilities as they appear and ensures that the organization's security posture is always up-to-date. By scanning at regular intervals, organizations can continuously track the status of known vulnerabilities and identify new ones before they can be exploited.
|
|
| Active Vulnerability Scanning - CISA Kev Check | - | - | |
Scans specifically for vulnerabilities listed in the CISA Known Exploited Vulnerabilities list.
|
||
| Active Vulnerability Scanning - Ransomware Check | - | - | |
Focuses on identifying vulnerabilities that could be exploited by ransomware operators.
|
||
| Advanced Attack Surface Threat Assessment (ASTA) - SOCRadar In House | Periodic Scan | - | - | Flexible |
The Periodic Scan feature allows organizations to schedule regular vulnerability scans of their assets. It helps to identify new vulnerabilities as they appear and ensures that the organization's security posture is always up-to-date. By scanning at regular intervals, organizations can continuously track the status of known vulnerabilities and identify new ones before they can be exploited.
|
|
| On Demand Scan | - | - | Flexible |
The On-Demand Scan feature offers flexibility by allowing security teams to initiate scans whenever required. It enables immediate vulnerability assessment of new assets, changes in the environment, or during incident response. This ensures rapid identification and remediation of threats when a sudden change is detected.
|
||
| Scan Configurator | - | - | Flexible |
The Scan Configurator allows users to customize their scanning parameters based on their specific security requirements. Users can define the scope of the scan, set up exclusion lists, and choose between different scanning techniques for detailed analysis. This feature ensures that scans are tailored to the unique needs of the organization, focusing on critical areas and reducing unnecessary scan times.
|
||
| Customized Alarm Management | - | - | Flexible |
Customized Alarm Management allows users to set specific alert criteria based on the results of ASTA scans. Users can define thresholds for alerts, such as high-severity vulnerabilities or significant changes in an asset’s status. This ensures that alerts are relevant and aligned with the organization's risk tolerance, helping security teams focus on the most pressing issues.
|
||
| Historical Vulnerability Evidence Monitoring | - | - | Flexible |
This feature tracks vulnerabilities over time, providing historical records of detected issues and their remediation status. It helps organizations ensure that previously identified vulnerabilities do not reappear and supports audit requirements by maintaining evidence of past remediation efforts.
|
||
| Cloud Security | - | - | Flexible |
The Cloud Security feature focuses on scanning and securing cloud environments, identifying misconfigurations, exposed storage buckets, and vulnerabilities in cloud services. It ensures that cloud resources are properly configured and secure against unauthorized access or potential breaches.
|
||
| Network Security | - | - | Flexible |
Network Security scans the external network infrastructure of an organization to detect open ports, exposed services, and other vulnerabilities. It helps secure network perimeters against unauthorized access and intrusions, providing a defensive layer against potential network-based attacks.
|
||
| Mail Security | - | - | Flexible |
Mail Security assesses email servers and configurations to ensure they are secure and compliant with industry standards. It focuses on identifying weaknesses in protocols like SPF, DKIM, and DMARC, which are crucial for preventing phishing and spoofing attacks.
|
||
| Website Security | - | - | Flexible |
Website Security scans websites for vulnerabilities and potential misconfigurations, focusing on securing web servers, content management systems (CMS), and web applications. It helps prevent web-based attacks, including defacement and unauthorized access.
|
||
| API Security-Beta- | - | - | Flexible |
API Security focuses on securing application programming interfaces (APIs) that are increasingly used in modern applications. It identifies vulnerabilities in API endpoints, such as improper authentication and data exposure risks, ensuring that APIs do not become an entry point for attackers.
|
||
| Database Security | - | - | Flexible |
Database Security identifies vulnerabilities in database configurations and access controls, ensuring that databases are not exposed to unauthorized access. It focuses on securing both relational and NoSQL databases, detecting issues such as unencrypted connections or misconfigured access policies.
|
||
| DNS Security | - | - | Flexible |
DNS Security monitors and assesses DNS configurations to identify issues like DNS hijacking, misconfigured records, or unauthorized changes. It ensures that the domain name system remains secure, preventing attackers from redirecting users to malicious sites.
|
||
| API & Integration | API & Integration *Incident Integration API *Vulnerability API *DFP API | - | - | - | Flexible | - |
| Premium Services | ||||||
| Online Access SOCRadar Academy | - | |
|
|
- | |
| OnWatch Services | - | - | - | Flexible | - | |
| Management & Support | ||||||
| Number of Users | - | 1 user | 1 user | 1 user (Flexible) | - | |
| Email & Chat Support | - | |
|
|
- | |
| Log Audit | - | - | |
|
- | |
| Single Sign-On (SSO) | - | - | |
|
- | |
| Role-based access | - | - | - | |
- | |
| For Commercial Use | - | - | - | Flexible | - |
