DigitalStakeoutAbout Us
Guides
Start typing to search…

How to Configure the Port Scan Feed

Learn how to use DigitalStakeout’s Port Scan Feed to perform authorized daily scans of your networks for exposed ports and services.

How to Configure the Port Scan Feed

The Port Scan Feed enables authorized users to conduct recurring scans of designated IPs and networks to identify open ports and potentially exposed services. This feed supports proactive vulnerability management and surface reduction.

Use Cases

  • 🔐 Network Security — Detect newly exposed services or configuration drift
  • 🛠️ Vulnerability Management — Identify ports tied to outdated or misconfigured services
  • 🏛️ Compliance Monitoring — Validate network exposure against regulatory scanning policies
  • 🧭 Asset Discovery — Surface devices or services previously undocumented

⚠️ Compliance Requirements

Port scanning is strictly limited to networks and IP addresses that you own or are authorized to monitor.

  • 🚫 Unauthorized scanning is prohibited
  • 📩 All submitted monitors are subject to compliance team review
  • 📌 Abuse reports may result in feed deactivation or account suspension

Creating a Port Scan Feed

1. Launch the Monitor Setup

  • Navigate to Setup → Discovery
  • Click Add Monitor

2. Configure Basic Settings

FieldDescription
Monitor NameRequired. Suggested format: client_name_range_1_2_3_4_24
Expires OnChoose a future deactivation date or set to “never expires”

3. Define Your Scan Targets

FieldGuidelines
CIDR BlocksEnter the IP or subnet you wish to scan (e.g., 192.168.1.0/24)
Maximum: 256 IPs per monitor
AuthorizationMust have verified control or permission for any IP submitted

4. Save & Submit for Review

  • Click Save to submit your monitor for compliance review
  • You will be notified once approved
  • Scans begin automatically once approved and run daily

5. Monitor Lifecycle

  • Scans run on a 24-hour schedule
  • Any edits to the monitor will pause the feed pending re-approval
  • Results appear in the Console with:
    • IP scanned
    • Open ports/services detected
    • Timestamps and scan history

Best Practices

  • Use narrow CIDR blocks for precision and compliance confidence
  • 🔁 Review scan logs daily to spot new openings or shifts
  • 🧩 Tag monitors for customer, site, or asset group
  • 🔐 Align with internal approval from IT/network owners
  • 🚨 Investigate immediately any unexpected exposed services (e.g., RDP, Telnet)

Example Scenarios

  • Scan your AWS subnet to detect public S3-compatible endpoints
  • Monitor for port 22 (SSH) on a remote location subnet after maintenance
  • Validate that decommissioned services are no longer exposed
  • Confirm that DMZ ports remain consistent during patch cycles

🔗

For detailed use cases, platform integrations, and compliance policy,
visit the Port Scan Feed feature page.

Updated 2 days ago