Managing CDNs and Shared IPs
Domains hosted on Content Delivery Networks (CDNs) or other cloud hosting services, will use shared IP addresses managed by a third party. Hexiosec ASM will still identify risks associated with CDNs or shared IP addresses. However, the application provides you with the capability to manage how these risks and assets related to these IPs are displayed in Hexiosec ASM.
The 'Manage CDNs' page in Hexiosec ASM allows you to designate specific domains as CDNs and exclude their IP-related risks from being considered in scope.
After toggling a domain as a CDN, the scan's results will update immediately, and the Actions will update within a few seconds.
If more than one domain links to a shared IP, you will need to mark all those domains as CDNs for the related risks and assets to be included.
The CDN toggle can be enabled and disabled without needing to re-run a scan.
If a scan contains many CDN hosted domains or domains hosted on shared resources, you can choose to completely ignore all IP related risks in the scan's results. Navigate to a scan's settings and toggle the option to 'Hide IP risks (Out of Scope)'.
The scan's result will update immediately, and the Actions will update within a few seconds.
The setting can be enabled and disabled without needing to re-run a scan.
If you use any of the functionality described above, Hexiosec ASM will mark certain types of IP-related assets as out-of-scope, including risks. However, to retain an understanding of domain hosting, certain other asset types are kept in-scope.
The following table lists which types will be out-of-scope and which will be in-scope.
Out-of-scope | In-scope |
|---|---|
Risks Certificates Services Assets URLs Components Entities | IP Ranges ASNs Domains Countries |