Product Updates

Discover the latest feature releases, improvements and updates.
All updates
Discovery
January 29, 2024

Discovery Chain

We are thrilled to announce the arrival of the Discovery Chain feature

ULTRA RED’s asset discovery capabilities are very thorough and extensive, our scanners often find assets that are long forgotten by the customer, or assets that were created and not reported to the IT department. These situations often require back and forth communication between you and our research support teams to understand how some assets were found and how they are related to the lead domain that was provided in the first step of the discovery.

Related Domains and Discovered assets have an (i)  icon that appears on hover, until now clicking this icon would have opened either the Relations overlay for Related Domain or the Evidence overlay for Discovered Assets. Now this icon will open the Discovery Chain overlay for the domain/asset it was opened on.

Additionally, you can trigger the discovery chain directly from the Asset Details overlay, by clicking the same (i) icon next to the asset's name.

The chain is built from the bottom up, meaning the most bottom item in the chain is the one the user interacted with, i.e., opened the chain from, and the most top item is the lead domain the user initially provided on which the discovery process was initiated. In between them are all the assets, data, and connections that ultimately created the chain.

The Discovery chain consists of three types of nodes:

  • Asset node (red) - either related domain or discovered asset.
  • Related domain nodes will have the same icon
  • Discovered assets will have the category they belong to as their icon.
  • Data node (light grey) - WHOIS, SSL or IP & Ports that were found on the asset.
  • Every data node has a read more button which allows the user to expand the node to reveal the entirety of the data. The data can also be easily copied by clicking the ‘Copy’ icon next to the name.
  • Method node (dark grey) - the methods used to find the next node in the chain.

Method - Explanation

WHOIS Search - Fetched WHOIS data of the related domain.

SSL/TLS Certificate Extraction - Fetched SSL/TLS Certificate of the related domain.

Domain Redirection - This Domain redirects to the parent domain.

Reverse Redirect - The parent domain is redirecting back to this domain.

Domain Link - Parent domain has links to this domain.

Domain Backlink - This domain has links to the parent domain.

Co-hosted Domain - Co-hosted on the same server as the parent domain.

HTML Source code - Found connection to the parent domain while analyzing the HTML code of this domain.

Initial Domain - Initial domain that was used in the Discovery of assets process.

Bucket Discovery - Found in our database of cloud buckets.

CNAME Record - The parent domain has an alias to this domain.

SSL/TLS Certificate Reverse Search - Found in our database of SSL/TLS certificates.

Subdomain discovery - A subdomain of the parent domain.