The option to use IP ranges is not included in all plans.  If you would like to discuss the use of IP ranges, please contact us at support@hexiosec.com.

If you use IP ranges as seeds, then this guide helps you understand the allowed sizes of IP range seeds, and what to expect from 

License plans with IP range seeds enabled will have a combined IP ranges size limit (per scan), this is separate to the scan seed limit.  These limits only apply to the seeds used to create the scan, they do not apply to the number of IPs or domains found when the scan is run.

The size limit of IP range seeds will depend on your plan, but will typically be set lower than your domain and IP limits.

Here are some examples with an allowance of 256 IPs:

Once your IP range seeds have reached the size limit, you can not add any additional IP range seeds. You will be able to add additional domain and IP seeds, if you have not reached your overall seed limit.

The owner and admins of an organisation can check the scan limits for their license plan on the Usage page, this will show the seed and IP range size limits for each type of scan.

When the seeds of a scan are defined or updated, a message under the 

 box will show the seed and IP range allowances used, and how many are available - the information displayed will depend on the 

If the seeds or IP range size limits are exceeded, they may need to be manually split across two or more scans.

 results for IP range seeds will only show IPs which are determined to be active. Active IPs are those which are found to have open ports.

For example, if your IP range seed covered a range of 256 IPs, but only 10 of those IPs were found to have open ports (e.g. port 80 for HTTP), then only 10 IPs would be shown in the scan results.

If all IPs in a range have open ports, then all IPs will be shown in the scan results.

Messaging in the app will help you as you create scans and understand results. If a scan of an IP range has no discovery results because all IPs are inactive, messaging in the app will indicate this.

IP Range Seeds

Seeds and IPs

EPSS

Scan Limiting

Hexiosec ASM

Hexiosec ASM (Public)

Organisation and Group Roles

Using Groups

MFA and session expiry

Password Policy

Changing email address

Changing ownership

User and Group Management

Scan Types

Scan Allowances

Deleting Scans

Scan Notifications

Managing Scans

Report Terminology

Scan Reports

Health Scores

Managing Actions

EPSS Scoring of Risks

TLS Certificate Risks

Backport Resolvable Risks

Risk Severity Ratings

SPF Hard Fail risks

Managing Risks

Managing Domains and IPs

Graph view

Managing CDNs and Shared IPs

Link Changes Endpoint

Creating a scan using the API

Paginating the API Requests

Using the Public API

Hexiosec ASM mobile

Upgrade Recommendations

Contacting Support

Hexiosec ASM User Guides

What is the 'Update pending' notification?

Why isn’t app.fractalscan.com working anymore?

I've changed the device I use for MFA

I've accepted an invite, why can't I see anything?

I don't think this vulnerability applies to me?

I've fixed a risk, why has it not been resolved?

Why is my IP's geographic location not showing, or incorrect?

Will Hexiosec ASM find Malware?

What are primary and secondary assets?

What is a Stale domain?

Can I run scans without permission?

What happens when I delete a scan?

Will the latest CVE be found?

What version is Hexiosec ASM?

Which SSO protocols does ASM support?

FAQs

MSP Specific Guidance