What is it?
Detectify’s Domain Monitoring Service (DMS) allows you to monitor your domains and be notified as soon as they are at risk for vulnerabilities related to domain configuration. We will uninterruptedly monitor the configuration of your domains, e.g. track misconfigured CNAME pointers to cloud providers.
What is a subdomain takeover?
If a malicious attacker finds a cloud provier's default page with no service attached to it, they are able to register a new account and claim your subdomain without having to verify ownership of the domain. As the DNS records are already set up correctly, the domain owner is never notified about the attack.
How does domain monitoring work?
1. By default we will use bruteforce or scraping as means of gathering potentially vulnerable subdomains. Another option is for you to provides Detectify with a zone file including all subdomains on a selected apex domain.
2. The subdomains included in the zone file are automatically monitored for vulnerabilities related to
3. We have patterns and tests to detect misconfigurations at more than 150 cloud providers that do not verify subdomain ownership, including Heroku and Amazon.
4. We check your domains automatically multiple time per day.
5. We check for two types of takeovers, one is purely DNS-based while the other is cloud-based. We spot the latter by looking at HTML objects on the cloud provider’s default pages.
6. As soon as we spot a change that makes your subdomains vulnerable, you will receive an alert via email, integrations, or the Detectify dashboard.
7. The DMS reports show you which domains are vulnerable and at what point in time they were vulnerable. The vulnerabilities are categorized by different severity levels based on CVSS.
Who is it for?
• Companies with a larger scope of subdomains and distributed governance.
• Companies that use a cloud or mixed hosting environment with both internal applications (e.g running on AWS), PaaS applications like Heroku or WP engine, and SaaS providers like Shopify.
How to get up and running
Your point of contact will help you enable your DMS account in the Detectify interface. If don’t have a point of contact, reach out to firstname.lastname@example.org.