6.2 Network Topology

Previous6.1 Asset Management Next6.3 Vulnerability Scan

Last updated 9 days ago

6.2 Network Topology

📖 Overview

The Network Topology module offers a visual and interactive map of your entire internet-facing infrastructure. It illustrates the relationships between your domains, IP addresses, technologies, ports, and vulnerabilities in real-time — enabling you to understand your attack surface as a connected structure, not just a list.

🧠 Think of this as a cybersecurity radar that shows how all your digital assets are linked, and where your weaknesses may lie.

🧩 What It Displays

🧱 Nodes:

Each node represents an entity in your infrastructure:

Domain or subdomain (e.g., app.yourcompany.com)
IP Address
Open port or protocol (e.g., 443/HTTPS, 21/FTP)
Technology in use (e.g., PHP, MySQL, WordPress)
Associated vulnerability (if found)

🔗 Connections:

Lines between nodes show direct associations such as:

Domains resolving to IPs
IPs running services on specific ports
Ports linked to technologies or risk factors

🎨 Node Indicators:

Each node is color-coded based on its type or threat level:

🔵 Domain
🟠 IP Address
🔴 Critical Vulnerability
🟡 High Risk
🟢 Safe
⚫ Unknown/Other

🖥️ Interactive Features

Zoom & Pan — Explore the map freely or fit to screen
Filter Nodes — Search by domain, IP, or vulnerability
Layout Options — Switch between graph models (e.g., CoSE, Circle, Grid)
Export — Download your topology as a PNG for reports or auditing
Node Detail Panel — Click any node to view:
- Associated ports
- Technologies
- Resolved IP
- Detected vulnerabilities

🛠️ Why It Matters

Traditional asset lists can’t show how things are connected — and attackers exploit relationships.

This view helps you:

Detect exposed nodes with shared risk
Identify forgotten or shadow systems still reachable
Spot single points of failure or shared infrastructure risk
Understand potential pivot paths in case of breach

🔍 Example Scenarios

Use Case

What You Can Discover

A vulnerable service on shared IP

Multiple domains exposed through one IP

A forgotten subdomain still active

Visualized next to your main infrastructure

A non-SSL port open to internet

See it linked under an insecure protocol node

A legacy PHP app next to new stack

Legacy risk adjacent to modern services

⚙️ Best Practices

Action

Why It Matters

Review the topology weekly

Spot new or unauthorized connections

Export before change deployments

Compare before/after network footprint

Investigate isolated nodes

May indicate misconfigurations or forgotten assets

Monitor for red nodes

Indicates confirmed vulnerabilities

🎯 The Network Topology module turns your digital surface into a visual map of risk. Not only will you see what’s online — you’ll see what’s connected, and what needs to be secured.

Previous6.1 Asset Management Next6.3 Vulnerability Scan

Last updated 9 days ago

📖 Overview

🧠 Think of this as a cybersecurity radar that shows how all your digital assets are linked, and where your weaknesses may lie.

🧩 What It Displays

🧱 Nodes:

Each node represents an entity in your infrastructure:

Domain or subdomain (e.g., app.yourcompany.com)
IP Address
Open port or protocol (e.g., 443/HTTPS, 21/FTP)
Technology in use (e.g., PHP, MySQL, WordPress)
Associated vulnerability (if found)

🔗 Connections:

Lines between nodes show direct associations such as:

Domains resolving to IPs
IPs running services on specific ports
Ports linked to technologies or risk factors

🎨 Node Indicators:

Each node is color-coded based on its type or threat level:

🔵 Domain
🟠 IP Address
🔴 Critical Vulnerability
🟡 High Risk
🟢 Safe
⚫ Unknown/Other

🖥️ Interactive Features

Zoom & Pan — Explore the map freely or fit to screen
Filter Nodes — Search by domain, IP, or vulnerability
Layout Options — Switch between graph models (e.g., CoSE, Circle, Grid)
Export — Download your topology as a PNG for reports or auditing
Node Detail Panel — Click any node to view:
- Associated ports
- Technologies
- Resolved IP
- Detected vulnerabilities

🛠️ Why It Matters

Traditional asset lists can’t show how things are connected — and attackers exploit relationships.

This view helps you:

Detect exposed nodes with shared risk
Identify forgotten or shadow systems still reachable
Spot single points of failure or shared infrastructure risk
Understand potential pivot paths in case of breach

🔍 Example Scenarios

Use Case

What You Can Discover

A vulnerable service on shared IP

Multiple domains exposed through one IP

A forgotten subdomain still active

Visualized next to your main infrastructure

A non-SSL port open to internet

See it linked under an insecure protocol node

A legacy PHP app next to new stack

Legacy risk adjacent to modern services

⚙️ Best Practices

Action

Why It Matters

Review the topology weekly

Spot new or unauthorized connections

Export before change deployments

Compare before/after network footprint

Investigate isolated nodes

May indicate misconfigurations or forgotten assets

Monitor for red nodes

Indicates confirmed vulnerabilities

🎯 The Network Topology module turns your digital surface into a visual map of risk. Not only will you see what’s online — you’ll see what’s connected, and what needs to be secured.