Your scan types may be called 'Client Monitoring' instead of 'Third Party', and 'Client Survey' instead of 'Ad Hoc'.  The scans are the same, just the names shown in Hexiosec ASM may differ.  Please contact 

Hexiosec ASM has 3 scan types, each with a different purpose. Which types you have available, and how many of each type, will depend on your licence plan.  The 3 scan types are:

The scan type is selected after clicking on the 'New Scan' button.

Notifications can be independently configured for the different scan types, meaning you can choose the level of changes you are alerted for.

This scan type is for continuously monitoring your company’s online assets. These scans are refreshed more frequently (frequency will depend on your licence plan

 new assets on your attack surface and new risks are found straight away, allowing you to keep ahead of potential hackers. 

This scan type is for monitoring third parties associated with your business. This could be your vendors, partners, sister companies, customers, or any businesses in your supply chain. These scans are usually run less frequently than the scans used to monitor your own assets, but the frequency can be altered to suit your scenario. For example, Managed Service Providers (MSPs) using third-party monitoring for their customers will likely require daily scanning. 

This scan type is for carrying out one-off scans, which is particularly useful when carrying out due diligence on potential new vendors or partners as you can get a snapshot of their attack surface. This will help you to understand how seriously they take cyber security. You can also use ad hoc scans as part of your pre-sales process to scan prospective customers and gain valuable insights to help inform sales conversations.

Scan Types

Scan Allowances

IP Range Seeds

Seeds and IPs

Scan Limiting

Deleting Scans

Scan Notifications

Managing Scans

Hexiosec ASM

Hexiosec ASM (Public)

Organisation and Group Roles

Using Groups

MFA and session expiry

Password Policy

Changing email address

Changing ownership

User and Group Management

Report Terminology

Scan Reports

Health Scores

Managing Actions

TLS Certificate Risks

Backport Resolvable Risks

Risk Severity Ratings

SPF Hard Fail risks

Managing Risks

Managing Domains

Graph view

Managing CDNs and Shared IPs

Creating a scan using the API

Paginating the API Requests

Using the Public API

Hexiosec ASM mobile

Upgrade Recommendations

Contacting Support

User Guides

I've changed the device I use for MFA

I've accepted an invite, why can't I see anything?

I don't think this vulnerability applies to me?

Why has my scan not updated after I've made a fix?

Why is my IP's geographic location not showing, or incorrect?

Will Hexiosec ASM find Malware?

What is out of scope?

What is a Stale domain?

Can I run scans without permission?

What happens when I delete a scan?

Will the latest CVE be found?

What version is Hexiosec ASM?

Which SSO protocols does ASM support?

FAQs

MSP Specific Guidance