Domain Scanner: TRaViS Scanner Print

Domain Scanner: TRAVIS Scanner Page

Overview

The TRAVIS Scanner page in TRaViS EASM, located under the Domain Scanner section, serves as the primary interface for initiating and managing scans against domains or IP/CIDR blocks. Accessible via the Domain Scanner section in the left navigation menu, this page allows users to define scan targets, configure scan frequency, and track scan progress and history. Designed for Security Operations Center (SOC) teams, this page enables users to proactively monitor their attack surface by scanning for vulnerabilities, exposures, and misconfigurations across specified targets.

Page Layout

The TRAVIS Scanner page is structured to provide a user-friendly interface for scan initiation and management, with a clear and organized layout. The page includes:

• Target Configuration: Allows users to define scan targets and configure scan settings.
• Scan History Table: Displays a history of initiated scans, their status, and associated details.
• Navigation and Export Tools: Offers options for data management and reporting.

Key Features and Capabilities

Target Configuration: Scan Initiation

The top section of the page provides a form for users to configure and initiate scans against specific targets.

• Fields:
  • Domain Name:
    • Allows users to enter the target domain (e.g., "Enter Domain Name DO NOT Enter HTTP or HTTPS ROOT Domain only...").
    • Benefit: Ensures users specify the correct domain format for accurate scanning.
  • Recurring Scan Interval:
    • Offers options to set the frequency of recurring scans (e.g., 1 Week, 1 Month, Quarterly KPI Report).
    • Benefit: Enables automated, periodic scans to continuously monitor the domain’s security posture.
  • Email Address:
    • Allows users to enter an email address for receiving scan reports (e.g., "Enter email address...").
    • Benefit: Facilitates automated reporting by sending scan results to the specified email.
  • Terms of Service:
    • Requires users to read and agree to the Terms of Service before submitting the scan.
    • Benefit: Ensures compliance with legal and usage policies.
• Submit Target:
  • Provides a button to initiate the scan after configuring the target and settings.
  • Benefit: Streamlines the process of starting a scan with a single click.
• Bulk Scan Option:
  • Allows users to enter multiple domains separated by newlines (e.g., "Please enter 1 domain per line, Limit is 1 scan count left").
  • Benefit: Supports bulk scanning for efficiency, though limited to one scan at a time in this view.
• Execute Scan Immediately:
  • Offers a checkbox to execute the scan immediately rather than scheduling it.
  • Benefit: Provides flexibility for users who need immediate scan results.

User Value: The Target Configuration section simplifies the process of initiating scans by providing a user-friendly form with flexible options for scheduling, notifications, and bulk scanning.

Scan History Table: Scan Tracking

The bottom section of the page features a table that tracks the history of initiated scans, providing details on their status and progress.

• Columns:
  • Domain Name: Lists the domains or targets that were scanned (e.g., example.com, 125cook.com).
    • Benefit: Identifies the specific targets associated with each scan for easy reference.
  • Scan Date: Displays the date and time the scan was initiated (e.g., 2024-08-19 21:31:28).
    • Benefit: Provides a timeline of scan activities, helping users track scan frequency.
  • Scan Scope: Indicates whether the scan was a full scope scan (e.g., Yes/No).
    • Benefit: Clarifies the extent of the scan, helping users understand the depth of analysis.
  • Scan Initiated: Shows whether the scan has been initiated (e.g., Yes).
    • Benefit: Confirms that the scan process has started, ensuring visibility into scan progress.
  • User: Identifies the user who initiated the scan (e.g., "Maba").
    • Benefit: Provides accountability by tracking which user started each scan.
• Data Examples:
  • A scan for example.com initiated on 2024-08-19 21:31:28 with full scope, successfully initiated by user "Maba".
  • A scan for 125cook.com initiated on 2024-08-31 13:28:49 with no full scope, successfully initiated by user "Maba".
  • The table lists a variety of domains with different scan dates, scopes, and statuses.
  • Benefit: Offers a historical view of scan activities, allowing users to track progress and identify patterns or issues.
• Features:
  • Pagination: Supports navigation through multiple pages of scan history (e.g., Previous/Next buttons with 2,786 total entries).
    • Benefit: Ensures scalability for users with extensive scan histories.
  • Search Bar: Allows users to search for specific domains or scan entries.
    • Benefit: Enhances usability by enabling quick lookup of specific scan records.

User Value: The Scan History Table provides a detailed record of scan activities, enabling users to monitor scan progress, verify initiation, and manage their scanning workflow effectively.

Navigation and Export Tools

The page includes tools for managing and sharing data:

• Search Bar:
  • Located above the Scan History Table.
  • Benefit: Allows users to quickly find specific scan records by domain or other criteria.
• Pagination:
  • Supports navigation through multiple pages of data (e.g., Previous/Next buttons with 2,786 total entries).
  • Benefit: Ensures scalability for users with extensive scan histories.
• Left Navigation Menu:
  • Includes links to other TRaViS features (e.g., Dashboard, CVE Intelligence, Domain Scanner).
  • Benefit: Provides seamless access to additional tools and views within the TRaViS platform, with the Domain Scanner section expanded to show the TRAVIS Scanner page.

User Value: These tools enhance usability by enabling efficient navigation, search, and integration with other TRaViS features.

Benefits for Security Teams

The TRAVIS Scanner page offers several key benefits:

• Flexible Scan Initiation: Allows users to define scan targets, schedule recurring scans, and initiate scans immediately or in bulk.
• Comprehensive Tracking: Provides a detailed history of scans, including domain, date, scope, and user, for effective monitoring.
• Automated Reporting: Supports email notifications for scan reports, streamlining communication and documentation.
• Scalability: Handles large scan histories with pagination and search capabilities, ensuring usability for extensive datasets.
• Proactive Monitoring: Enables continuous monitoring of the domain’s attack surface through scheduled scans, reducing the risk of undetected vulnerabilities.

Conclusion

The TRAVIS Scanner page in TRaViS EASM, located under the Domain Scanner section, is a powerful tool for initiating and managing scans against domains or IP/CIDR blocks. By providing a user-friendly interface for scan configuration, detailed tracking of scan history, and efficient navigation tools, it empowers security teams to proactively monitor their attack surface and address vulnerabilities effectively. This documentation will continue to expand as additional pages and features are explored.