Detectify today announced the launch of IP Range Scanning, a new capability designed to help organizations continuously discover and monitor entire blocks of IP addresses. The technology automates the identification of exposed infrastructure, helping security teams find forgotten assets and hidden risks before attackers exploit them.
Organizations across all sectors are sitting on forgotten IP addresses that have become primary entry points for modern cyberattacks. While millions have been spent securing public-facing websites, legacy tools often struggle with noise and stale data, leaving modern organizations with a massive, unmonitored blind spot. Recent research from Detectify highlights this gap, with SSH found on non-standard ports nearly as often as on port 22 (49.3% vs. 50.7%), indicating that organizations focused only on standard ports risk missing a substantial portion of exposed services.
This digital basement can be filled with orphaned servers, legacy hardware, and unauthorized shadow IT. To a security team, these assets are invisible. To a hacker, they are an unlocked window. Identifying assets across large IP blocks often results in fragmented data or noisy snapshots that fail to integrate with modern AppSec workflows. High-risk services like Redis and MongoDB are frequently exposed on raw IP addresses without associated domains, making them invisible to traditional tools.
Detectify’s IP Range Scanning prioritizes high-fidelity discovery across large network segments, giving security teams accurate, actionable visibility into previously overlooked assets and reducing blind spots at scale. With this release, customers can benefit from: Onboarding entire CIDR blocks in seconds: Gain continuous visibility into the infrastructure behind their networks, from legacy systems to rapidly expanding environments. Identifying hidden services: Uncover everything from remote desktops and databases to web applications, powered by Protocol Discovery that goes beyond simple port detection. Bridging the gap to testing: When a web application is detected, Detectify automatically transitions to deep security testing, evaluating it against more than 922 quintillion payload-based permutations to uncover any potential for exploitation.
For organizations operating their own networks, such as government agencies and other large enterprises, IP ranges are often among the least understood areas of the attack surface. The ability to scan entire IP blocks in the same way as domains provides a clearer, more comprehensive view of what is actually exposed. Continuous discovery of services and applications across these ranges helps security teams identify forgotten or unmanaged assets early, improving visibility and reducing the risk of overlooked weaknesses being exploited.
Like this:
Like Loading...
Related
This entry was posted on March 24, 2026 at 8:21 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Detectify launches IP Range Scanning to uncover hidden infrastructure before attackers do
Detectify today announced the launch of IP Range Scanning, a new capability designed to help organizations continuously discover and monitor entire blocks of IP addresses. The technology automates the identification of exposed infrastructure, helping security teams find forgotten assets and hidden risks before attackers exploit them.
Organizations across all sectors are sitting on forgotten IP addresses that have become primary entry points for modern cyberattacks. While millions have been spent securing public-facing websites, legacy tools often struggle with noise and stale data, leaving modern organizations with a massive, unmonitored blind spot. Recent research from Detectify highlights this gap, with SSH found on non-standard ports nearly as often as on port 22 (49.3% vs. 50.7%), indicating that organizations focused only on standard ports risk missing a substantial portion of exposed services.
This digital basement can be filled with orphaned servers, legacy hardware, and unauthorized shadow IT. To a security team, these assets are invisible. To a hacker, they are an unlocked window. Identifying assets across large IP blocks often results in fragmented data or noisy snapshots that fail to integrate with modern AppSec workflows. High-risk services like Redis and MongoDB are frequently exposed on raw IP addresses without associated domains, making them invisible to traditional tools.
Detectify’s IP Range Scanning prioritizes high-fidelity discovery across large network segments, giving security teams accurate, actionable visibility into previously overlooked assets and reducing blind spots at scale. With this release, customers can benefit from: Onboarding entire CIDR blocks in seconds: Gain continuous visibility into the infrastructure behind their networks, from legacy systems to rapidly expanding environments. Identifying hidden services: Uncover everything from remote desktops and databases to web applications, powered by Protocol Discovery that goes beyond simple port detection. Bridging the gap to testing: When a web application is detected, Detectify automatically transitions to deep security testing, evaluating it against more than 922 quintillion payload-based permutations to uncover any potential for exploitation.
For organizations operating their own networks, such as government agencies and other large enterprises, IP ranges are often among the least understood areas of the attack surface. The ability to scan entire IP blocks in the same way as domains provides a clearer, more comprehensive view of what is actually exposed. Continuous discovery of services and applications across these ranges helps security teams identify forgotten or unmanaged assets early, improving visibility and reducing the risk of overlooked weaknesses being exploited.
Share this:
Like this:
Related
This entry was posted on March 24, 2026 at 8:21 am and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.