Document Version: 1.3
© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.
This document provides users with an overview of Scout. This document has been elaborated under the assumption that the reader has access to the OUTSCAN account with Scout subscription.
Scout is an asset discovery tool that uses the provided input to find and report on resources and their associations that might have been previously unknown. It enumerates services and deducts information about linked hosts, IPs and other resources that need additional security checks on application or infrastructure layer.
It uses the following methods to gather the data:
- Network discovery
- Port scanning
- Web service enumeration
- Software component detection
- Subdomain bruteforcing
- TLS scanning
To launch OUTSCAN application, navigate to https://outscan.outpost24.com.
NoteUse HTTPS protocol.
- Log in using your credentials.
- To access Discovery scanning module, go to Main Menu > Portal to access Scout through the new UI.
Contact your Sales Engineer for information on obtaining the attack surface score and map.
Click on the Name to view the Asset details.
The user must upload both scores and components (application elements) using the rest API to view the attack surface details in the UI. Under this tab, a spider chart is displayed which depicts the distribution of risk across these 7 elements, and the top most discovered components with their overall Farsight risk.
Manage a Scout Asset
The possible user actions are:
Click on Configure Asset, to make a default configuration for the selected asset.
- Click on Add tags to add a tag to the selected finding.
Recommendation on how to utilize Tags
Location - Geographical location, Ex: London, Europe.
Function - Such as e-commerce, finance, crm etc.
Impact - Values Critical/High/Medium/Low should describe how the system affects business.
Other examples of useful tags:
Cloud - Is the system hosted in the cloud
Contact Info - Can be email of the person to contact about this system.
Click on Generate report to download a report. See Reports, for more information.
- Select the assets to be deleted, and click on the Delete button at the bottom of the view.
- Confirm the action by clicking DELETE.