Products Overview Attack Surface Management Automated Security Testing Exploit Intelligence
Platform How It Works AI at CyCognito Pricing
 
Demo of the CyCognito Platform

See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. More...

Real World Solutions Assess Your Security Effectiveness Secure Your Software Supply Chain Manage Your Attack Surface
  Monitor Subsidiary Risk Prioritize & Eliminate Attack Vectors Scale Your Pen Testing
  Simplify Compliance Initiatives Evaluate Merger & Acquisition Risk
State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. More...

Meet Our Customers Customer Overview Customer Testimonials Customer Videos
Customer Stories Berlitz Asklepios Ströer Human API Scientific Games
Current Customers Customer Support Customer Login Knowledge Base
The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...

Company About Us Leadership Team Careers Privacy and Trust Contact Us
News Latest News Press Releases Media Coverage Events Awards
Partners Partner Program Resellers, MSPs & Systems Integrators Technology Alliance Partners
  Partner Training Sales Training Technical Bootcamps Become a Partner Partner Login
 
Resources What's New Research Reports White Papers + eBooks Solution Briefs Datasheets
  Webinars Videos Blog Glossary Security & Compliance
Learning Center API Security Application Security Attack Surface DRPS
  Exposure Management Vulnerability Assessment Vulnerability Management
EASM 101 External Attack Surface Management Attack Surface Management Attack Surface Discovery Attack Surface Protection Attack Surface Reduction
Cybersecurity Glossary

Passive Scanning

Passive scanning is a reconnaissance workflow that typically does not involve direct interaction with a digital asset, for example parsing open-source intelligence (OSINT) such as DNS enumeration or Google searches.

Passive scanning may also include singular direct interaction with a digital asset through tool categories like open-source network mappers or port scanners to gather running service software versions. Passive scanning can build a basic, but unvalidated list of the externally exposed assets and alert on the possible presence of common vulnerabilities and exposures (CVE). Also see "Active Testing".

See Also
Resources > Solution Briefs
Active Testing vs. Passive Scanning to Detect Attack Surface Risk

Learn about the approaches, the challenges, the benefits, and how you can achieve continuous and comprehensive security testing across all of your external assets.

Resources > Datasheets
Active Security Testing

Continuous active security testing across the entire external attack surface is essential for organizations to reduce risk.

CyCognito Report

State of External Exposure Management, 2024 Edition

State of External Exposure Management Report

Critical vulnerabilities often hide in plain sight—especially in your web servers.

The report is a must-read for understanding today’s external risks and how to prioritize them effectively. Download the report to stay ahead of emerging threats and strengthen your security posture for 2025.

Get the Report