generated from mintlify/starter
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent 173dbe4, commit 16f632b
Showing 131 changed files with 73,267 additions and 836 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
title: 'Audit Logs' | ||
description: 'Track and monitor all user activities and system events across your organization' | ||
sidebarTitle: 'Audit Logs' | ||
--- | ||
|
||
<Note> | ||
Audit Logs are available exclusively for Enterprise customers. Contact our [sales team](https://projectdiscovery.io/request-demo) to learn more about Enterprise features. | ||
</Note> | ||
|
||
ProjectDiscovery's Audit Logs provide comprehensive visibility into all user activities and system events within your organization's ProjectDiscovery Cloud environment. The audit logging system captures detailed information about every significant action, including user logins, asset modifications, scan initiations, configuration changes, and API access events. Each log entry contains essential metadata such as the timestamp, user identity, IP address, action type, and affected resources, enabling security teams to maintain complete accountability and traceability. | ||
|
||
The audit logging interface presents events in a chronological timeline, with advanced filtering capabilities that allow you to search and analyze specific types of activities. Security administrators can filter logs based on multiple parameters including time ranges, user identities, action types, and affected resources. This granular filtering helps during security investigations, compliance audits, or when tracking specific changes across your organization's security workflows. | ||
|
||
From a security operations perspective, the audit logs serve as a crucial tool for detecting unusual patterns or potentially unauthorized activities. For instance, you can identify unusual scan patterns, track template modifications, or monitor API key usage across your organization. The system retains audit logs for an extended period, ensuring you have historical data available for compliance requirements or security investigations. | ||
|
||
Integration capabilities allow you to export audit logs to your existing security information and event management (SIEM) systems through our API. This enables you to incorporate ProjectDiscovery activity data into your broader security monitoring and alerting workflows. The audit log data can be particularly valuable during incident response scenarios, providing a clear timeline of events and actions leading up to or following a security event. | ||
|
||
For organizations with compliance requirements, our audit logs help demonstrate adherence to various security frameworks and regulations. The comprehensive logging of user actions, access patterns, and system changes provides the necessary documentation for security audits and compliance reviews. Each log entry is immutable and cryptographically signed, ensuring the integrity of your audit trail. |
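Review bot: the last paragraphs make claims a reader cannot act on: "The system retains audit logs for an extended period" gives no retention duration, and "Each log entry is immutable and cryptographically signed" does not say what is signed, with which key, or how a customer verifies the signature on an exported entry. State the retention period (and whether it is configurable) and document or link the verification procedure. The SIEM paragraph says export works "through our API" without linking the endpoint or describing the entry format beyond the metadata listed in the first paragraph; a link to the API reference would close that gap.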
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
--- | ||
title: 'SAML SSO' | ||
description: 'Enterprise Single Sign-On (SSO) integration for secure team access' | ||
sidebarTitle: 'SAML SSO' | ||
--- | ||
|
||
<Note> | ||
SAML SSO is available exclusively for Pro (as an add-on) and Enterprise customers. Contact our [sales team](https://projectdiscovery.io/request-demo) to enable SAML SSO for your organization. | ||
</Note> | ||
|
||
ProjectDiscovery supports Enterprise Single Sign-On (SSO) through SAML 2.0, enabling seamless and secure authentication using your organization's Identity Provider (IdP). Our SAML implementation is powered by Clerk, providing robust support for major identity providers including: | ||
|
||
- Microsoft Azure AD | ||
- Google Workspace | ||
- Okta Workforce | ||
- Custom SAML Providers | ||
|
||
## Implementation Process | ||
|
||
SAML SSO setup requires manual configuration and verification by the ProjectDiscovery team to ensure secure implementation. Here's what to expect: | ||
|
||
1. **Initial Setup Request** | ||
- After purchasing a Pro plan with SSO add-on or Enterprise contract | ||
- The ProjectDiscovery team will reach out to begin the configuration process | ||
- You'll be assigned a dedicated technical contact for the setup | ||
|
||
2. **Configuration Steps** | ||
- Provide your IdP metadata and certificates | ||
- Configure allowed domains and user attributes | ||
- Set up SAML assertion mapping | ||
- Test the integration in a staging environment | ||
|
||
3. **Verification & Go-Live** | ||
- Validate user provisioning and authentication | ||
- Confirm security settings and access controls | ||
- Enable the integration for production use | ||
|
||
## Supported Features | ||
|
||
Our SAML integration includes comprehensive enterprise-grade features: | ||
|
||
- **Automated User Provisioning** | ||
- Just-in-Time (JIT) user creation | ||
- Attribute mapping for user profiles | ||
- Role and permission synchronization | ||
|
||
- **Security Controls** | ||
- Domain-based access restrictions | ||
- Enforced SSO for specified domains | ||
- Session management and timeout settings | ||
|
||
- **Advanced Options** | ||
- Support for IdP-initiated SSO | ||
- Multi-factor authentication integration | ||
- Custom attribute mapping | ||
|
||
## Important Notes | ||
|
||
- SAML SSO setup requires manual configuration due to its security-critical nature | ||
- The setup process typically takes 1-2 business days | ||
- All configurations are thoroughly tested before production deployment | ||
- Changes to SAML settings may require ProjectDiscovery team assistance | ||
- Existing users can be migrated to SSO authentication seamlessly | ||
|
||
## Getting Started | ||
|
||
To enable SAML SSO for your organization: | ||
|
||
1. Ensure you have a Pro plan with SSO add-on or Enterprise contract | ||
2. Contact your account representative or [sales team](https://projectdiscovery.io/request-demo) | ||
3. Prepare your IdP configuration details | ||
4. Schedule a setup call with our technical team | ||
|
||
Our team will guide you through the entire process, ensuring a secure and successful implementation of SAML SSO for your organization. |
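Review bot: under "Advanced Options", "Support for IdP-initiated SSO" is listed with no indication of whether it is enabled by default; an IdP-initiated response is unsolicited, so the service provider has no request of its own to match it against, and the page should say whether this is opt-in and how to turn it off. In "Configuration Steps", "Provide your IdP metadata and certificates" does not say over which channel, nor which service-provider values the customer receives in return to configure on the IdP side. "Role and permission synchronization" and "Enforced SSO for specified domains" each need a line on which attribute maps to roles, what role a JIT-created user gets when that attribute is absent, and how ownership of a domain is verified before SSO is enforced for it.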
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
title: 'Scan IPs for Whitelisting' | ||
description: 'Configure and manage scanning IP addresses for enterprise security controls' | ||
sidebarTitle: 'Scan IPs' | ||
--- | ||
|
||
<Note> | ||
Dedicated Scan IPs are available exclusively for Enterprise customers. Contact our [sales team](https://projectdiscovery.io/request-demo) to learn more about Enterprise features. | ||
</Note> | ||
|
||
ProjectDiscovery's Enterprise scanning infrastructure operates from a dedicated set of static IP addresses, enabling organizations to implement precise security controls and whitelisting policies. These fixed IP ranges are exclusively assigned to your organization's scanning activities, providing consistent and identifiable sources for all security assessments conducted through the platform. This dedicated IP infrastructure ensures that your security teams can easily distinguish ProjectDiscovery's legitimate scanning traffic from potential unauthorized scanning attempts. | ||
|
||
When configuring your security infrastructure to accommodate ProjectDiscovery scans, you can whitelist these specific IP addresses in your firewalls, Web Application Firewalls (WAFs), or Intrusion Prevention Systems (IPS). This whitelisting approach allows you to maintain strict security controls while ensuring uninterrupted vulnerability scanning operations. The platform provides both IPv4 and IPv6 addresses, supporting organizations with diverse network configurations and compliance requirements. | ||
|
||
Enterprise customers can customize scanning behavior on a per-IP basis, including the ability to set specific rate limits, configure custom headers, or assign particular IPs to different types of scans. This granular control helps organizations optimize their scanning operations while maintaining compliance with internal security policies. For instance, you might assign certain IPs for external asset discovery while reserving others for intensive vulnerability scanning, ensuring proper resource allocation and traffic management. | ||
|
||
The platform includes monitoring and analytics for scan traffic from these IPs, providing visibility into scanning patterns, bandwidth usage, and potential scanning issues. This monitoring helps security teams optimize their scanning strategies and troubleshoot any connectivity or performance problems. Additionally, if any of your security systems flag scanning activity from these IPs, you can quickly verify the legitimacy of the traffic against your assigned IP ranges. | ||
|
||
For organizations operating in regulated environments or with strict security requirements, our dedicated IP infrastructure provides the necessary isolation and control. Each scanning IP is documented and can be included in security compliance documentation, making it easier to demonstrate proper security controls during audits. The platform also supports custom DNS resolution and proxy configurations when needed for specialized scanning scenarios. |
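Review bot: the second paragraph tells readers to "whitelist these specific IP addresses" but the page never says where the assigned addresses are published or how a change to them is communicated, so the instruction cannot be followed from this page alone. Add that, and use one term throughout: the first paragraph switches between "static IP addresses" and "fixed IP ranges". Since the fourth paragraph relies on the assigned ranges to verify flagged traffic, it would also help to say that allow rules should match only those addresses. Style: consider "allowlisting" in the title and body.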
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
--- | ||
title: 'Custom & Bulk Asset Labeling' | ||
description: 'Create and manage custom labels for your assets with powerful bulk labeling capabilities' | ||
sidebarTitle: 'Custom Labeling' | ||
--- | ||
|
||
Custom Labels in ProjectDiscovery Cloud are user-defined tags that you can manually assign to any discovered asset. This feature works alongside the automatic, AI-driven labels that the platform generates. While the system's AI assigns labels for website types (e.g., API docs, internal apps, login pages, admin panels) and environments (e.g., production, staging, internal) by default, custom labels give you the flexibility to define your own categories and classifications for assets. In other words, you're not limited to the auto-generated labels – you can tag assets with labels that make sense for your organization's context (such as project names, owner teams, sensitivity, or any internal naming scheme). | ||
|
||
### How They Work | ||
|
||
Using the ProjectDiscovery Cloud interface, a user can select an asset and assign one or more custom labels to it. These labels then appear alongside the asset in the inventory, just like the AI-generated labels. This manual labeling is valuable for capturing contextual information that automated methods might not know. For example, you might label certain assets as "Critical" if they pertain to core infrastructure, or tag a set of hosts as "Internal" if they should not be exposed to the internet. By labeling assets in a way that mirrors your environment and business, you ensure that important attributes of each asset are immediately visible. | ||
|
||
### Benefits | ||
|
||
Custom labels allow security teams to organize assets according to custom criteria and quickly spot key asset properties at a glance. This user-driven categorization adds an extra layer of context – teams gain full control over how assets are categorized. It becomes easier to filter and group assets based on these tags (for example, viewing all assets labeled "Internal" or "Web-Server"). Ultimately, this leads to better asset management as the platform helps classify results to help you better organize, contextualize, and prioritize your assets. In practice, custom labels enable workflows like separating production vs. staging assets or flagging high-risk systems, so that teams can focus on relevant subsets of the attack surface during monitoring and scanning. | ||
|
||
## Bulk Labeling | ||
|
||
ProjectDiscovery Cloud also supports Bulk Labeling, which lets users apply a label to many assets at once, rather than tagging each asset individually. This feature is implemented through the platform's powerful filtering system. Users can filter their asset list by specific criteria and then assign a label to all assets matching that filter in a few clicks. In effect, bulk labeling dramatically speeds up the process of categorizing large numbers of assets. | ||
|
||
### How It Works | ||
|
||
The platform provides filtering across 14+ attributes of assets – you can narrow results by things like port number, technology, domain, IP, content length, and even by existing labels. Here's how to create and save bulk labels: | ||
|
||
1. **Apply Filters** | ||
- Navigate to the Assets view | ||
- Click the "Filter" button in the top left | ||
- Select your desired filter criteria (e.g., port, technology, domain) | ||
- Apply multiple filters to refine your selection | ||
|
||
2. **Select Assets** | ||
- After filtering, review the matching assets | ||
|
||
3. **Apply Labels** | ||
- Click the "Label" button in the action bar | ||
- Enter your label name or select from existing labels | ||
- Click "Apply" to tag all selected assets | ||
|
||
4. **Save as Dynamic Group** (Optional) | ||
- Click "Save Filter" in the top right | ||
- In the pop-up dialog, enter a name for your dynamic group | ||
- Click "Save" to create your dynamic group | ||
|
||
Your saved dynamic group will automatically update as new assets matching your filter criteria are discovered. For example, you could label all assets running on port 8088 as 'staging' in just a few clicks. This bulk tagging via filters approach means you don't have to manually edit each asset entry – the system streamlines it for you. | ||
|
||
### Advantages | ||
|
||
Bulk labeling is especially useful for applying environment or role labels to many assets simultaneously. It ensures consistency at scale – every asset meeting the criteria gets the exact same label, avoiding omissions or typos that might happen with one-by-one tagging. It's also a huge time-saver for large asset sets; teams can categorize hundreds or thousands of assets in seconds by leveraging filters, instead of minutes or hours. By making it easy to tag assets in bulk, ProjectDiscovery helps teams maintain an organized asset inventory even as new data pours in. | ||
|
||
## Use Cases and Workflow Integration | ||
|
||
Both custom labels and bulk labeling open up new use cases for integrating ProjectDiscovery into security team workflows: | ||
|
||
### Environment Segmentation | ||
Teams can mark assets by environment (e.g., Development, Staging, Production) using custom labels. Bulk labeling makes it easy to apply these environment tags en masse. For example, filtering by port 8088 and tagging those assets as "staging" is a quick way to group all staging assets. This segmentation allows different handling of assets based on environment – for instance, running more frequent scans on production assets or applying stricter monitoring to internal-only systems. | ||
|
||
### Technology or Port-based Grouping | ||
If many assets share a common attribute (such as a specific open port, technology, or domain pattern), you can filter them out and label them in bulk. For instance, label all assets running an outdated software version as "Legacy" or all assets on port 22 as "SSH-Servers." This practice helps in quickly identifying groups of assets that might require a specific security assessment or patching regimen. The filtering system supports multi-select and complex queries (e.g., all assets on either Nginx or Apache) to refine these groups. | ||
|
||
### Dynamic Asset Groups for Monitoring | ||
After labeling assets, those labels can be used to create saved views or dynamic subgroups in the platform. A dynamic subgroup is essentially a saved filter that updates automatically as assets change. For example, once you've labeled certain assets as "Critical", you could save a filter for `label = Critical`. As new assets get tagged with "Critical" (either through AI suggestions or manual labeling), they will automatically appear in that group. This is highly useful for workflows like continuous monitoring or targeted vulnerability scanning – you always have an up-to-date list of assets in that category without rebuilding queries. | ||
|
||
### Prioritization and Triage | ||
Custom labels can encode business context such as ownership (e.g., tagging an asset with the responsible team or project name) or criticality (e.g., High-Value, Low-Impact). Using bulk operations, a newly onboarded set of assets can quickly be labeled according to input from asset owners or CMDB data. Thereafter, security analysts can filter by these labels to prioritize issues. For example, during incident response or risk review, one might focus on assets labeled "Production" and "Customer-Facing" first, since an issue on those could be more severe. |
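Review bot: step 2 "Select Assets" contains only "After filtering, review the matching assets", with no selection action, yet step 3 ends with "Click "Apply" to tag all selected assets"; say how assets are selected, or that every filtered asset is selected by default. The paragraph after step 4 says the saved dynamic group "will automatically update" but not whether the label from step 3 is also applied to assets that match the filter later; state which. The port 8088 "staging" example appears twice (after step 4 and under "Environment Segmentation"), and "### How They Work" and "### Benefits" sit above the first "##" heading, so they have no parent section.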