Add all of your public-facing resources to BreachRisk™ for Business to increase the fidelity of your results and avoid surprises.
Once a company is registered, BreachRisk™ assessments discover and analyze the attack surface associated with the primary domain used during registration. Many companies, however, have additional domains or resources that may not be associated with their primary domain. To ensure these are monitored and tested as well, we recommend that these are added to BreachRisk™ for Business using the steps below.
Note: By adding domains and IP addresses to your organization, you are verifying that the domain or IP addresses belong to your company, and/or you have authority to test the IT infrastructure associated with them.
Managing domains
Adding a domain
- To add an additional domain or multiple domains that belong to your company, simply select the “New Domain” button in the top-right of the Domains table in the Verifications page, found in the BreachRisk™ for Business menu on the right of the Dashboard.
- Provide the domain and any internal comments that may be helpful. Ensure only the domain is added (e.g. bluth.com), without any subdomains (e.g. bluth.com, email.bluth.com, etc.). Then select Done.
- That’s it! Upcoming BreachRisk™ assessments will now identify the public attack surface associated with this new domain, as well as all others that have been added to your organization.
Removing a domain
- To remove a domain, simply select the archive button on the right of the domain you would like to remove.
- That’s it! Removing a domain will not affect your latest BreachRisk™ assessment results. However, upcoming BreachRisk™ assessments will neither search for, nor include the attack surface associated with the removed domain.
Managing public resources by IP address
Adding an IP address
- To add the public IP address of a single resource or a block of IP addresses, select the “New IP” button, on the top-right of the Provided IPs table.
- Provide the single IP address (1.2.3.4) or a block of IP addresses in CIDR notation (1.2.3.0/24), along with any internal comments that may be helpful. If a block of IP addresses are added with a CIDR notation, the IP addresses in that block will be added individually to the Provided IPs table.
- That’s it! Adding IPs will not affect your last BreachRisk™ results, but they will be included in future BreachRisk™ assessments.
Removing an IP address
- To remove an IP address you have added, simply select the <___> button next to the IP address you would like to remove.
- That’s it! Removing IP addresses will not affect your latest BreachRisk™ assessment results. However, upcoming BreachRisk™ assessments will not include the IP address, if they are not associated with existing domains for your company. For instance, if you removed the IP address 1.2.3.4, but that address is still associated with an active subdomain (e.g. mail.bluth.co), it will still be included in upcoming BreachRisk™ assessments.
Common Questions & Issues
- The domain I added is not showing up in my BreachRisk™ results. Most likely, a BreachRisk™ assessment cycle may have already been in progress when the domain(s) were added. These cycles use the domains, IPs and integrations that existed when the cycle began to conduct the assessment. If multiple BreachRisk™ assessments have elapsed since you have added your domain(s) and you still do not see results (and you believe there are active domains or infrastructure associated with the domain(s)), please contact BreachBits Support at support@breachbits.com.
- One or multiple IP addresses I added are not showing up in my BreachRisk™ results. This could be caused by one of the following:
- A BreachRisk™ assessment cycle may have already been in progress when the IP(s) were added. These cycles use the domains, IPs and integrations that existed when the cycle began to conduct the assessment.
- There are no signs of activity we have identified on the IP address. In the BreachRisk™ Technical details, only Active Hosts are listed in your attack surface. We consider a host to be “Active” if we detect a subdomain associated with it (e.g. email.bluth.co), or open ports/exposed services are discovered.
If you do not believe either one of these are applicable to your situation, please contact BreachBits Support at support@breachbits.com.