Scan Difference - Monitor Changes on Your Targets

“How can I track scan trends?”; “Do you offer scan difference reports?”; “Can I receive notifications only for new vulnerabilities?”
Written by Dragos Sandu
Updated 3 months ago

Our users often asked us how to easily view trends and changes in vulnerabilities for monitored targets.

We’re excited to announce that this feature is now fully implemented, allowing you to effortlessly track these changes. Get notified only for new findings that appear in your scans, without any workarounds.

How does it work?

After setting up a scan diff notification, we will monitor the following:

  • The target you scanned,
  • The workspace where the scan was initiated,
  • The tool utilized,
  • And the successful completion of the scan.
The scan diff notifications are compatible with some of our discovery scanners (Port Scanner and Subdomain Finder) as well as all our vulnerability scanners.

How to configure the scan diff notification

Navigate to the Settings section from the left-side menu and choose Notifications

Click the +Add button to open the configuration panel and set the conditions that will trigger the notification

The scan diff triggers include the following:

  • For Vulnerability Scanners

Vulnerability → Diff → from → previous scan

  • For Port Scanner

Port Scanner → Diff → from → previous scan

  • For Subdomain Finder

Subdomains → Diff → from → previous scan

You're all set. Enjoy a quieter inbox!

After the subsequent scans are completed, you will only receive notifications if there are changes detected to the findings associated with a particular target. 

As a result, you will receive notifications that either:

  • Include newly detected findings, ports, or subdomains,

  • Indicate findings that were not detected in the subsequent scans,

Findings that are no longer detected could be due to several reasons. The most likely causes include: the underlying issue has been resolved, the software version has been updated, the server responded differently to our requests and thus no longer triggers the vulnerability, scan parameters were changed in the subsequent scan, or the issue is no longer being identified by our scanners.
  • Provide updated findings with additional information or evidence

If you’re only interested in monitoring open ports we have a solution for that too. See here how to get notified for new open ports only.
If you’re looking for more ways to receive these notifications, be sure to check out our guides for Slack, Microsoft Teams, and other platforms, here
Did this answer your question?