SOCRADAR CURIOSITY WIDE SCAN PROJECT

SOCRadar Attack Surface Management Platform

SOCRadar delivers an intelligent extended threat intelligence platform for organizations against sophisticated cyber attacks. Its portfolio of digital assets and perimeter monitoring platforms hardened with targeted cyber threat intelligence – all automated and supported by a global team of qualified intelligence analysts – provides unparalleled visibility, management, and protection of digital risks.

Prioritized, up-to-date, and relevant cyber threat intelligence insights empower customers to take action starting from the reconnaissance stage of the Cyber Kill Chain. Our customers worldwide leverage our 15+ years of expertise and investment in scalable, innovative solutions to protect their most valuable assets – brand reputation, employees, customers, networks, and operational facilities.

SOCRadar discovers all digital assets of the companies automatically and tracks changes of those 7x24x365 with flexible alarm and notification mechanism. SOCRadar false-positive alarm ration is redacted with machine learning algorithms and provides cyber threat intelligence.

SOCRadar CURIOSITY Wide Scan project is a subproject inside of our platform. We are constantly looking for open ports and banners of our customers' external ip addresses to generate alarms for any potential misconfiguration.

Our carefully designed system send TCP SYN packets in a very low rate (lower than 0.1 Mbps) and scans are distributed and randomized over the time to prevent any load on the destination ip addresses.

Q: How to be excluded from our scans?

A: Send an email to noscan [@] socradar[.]io requesting to be excluded and including your information.

Q: How to block our scanners?

A: A list of our Port scanners; IP addresses are:

  • 139.162.225.221
  • 172.105.9.235
  • 45.79.44.78
  • 172.104.75.183
  • 172.105.58.98
  • 45.79.173.230
  • 172.105.78.101
  • 172.233.111.227

A list of our Network Vulnerability scanners' IP addresses are:

  • 185.198.199.82
  • 85.90.244.133
  • 143.42.19.122

You can block access from these addresses on your own machines, while keeping in mind that these addresses are updated rotated periodically.