Crossfeed lets you monitor and discover your public-facing infrastructure, as well as bring better visibility to vulnerabilities.
Learn moreCrossfeed is a tool that continuously enumerates and monitors an organization’s public-facing attack surface in order to discover assets and flag potential security flaws. By operating in either passive or active scanning modes, Crossfeed collects data from a variety of open source tools and data feeds to provide actionable information about organization assets. Crossfeed is offered as a self-service portal and allows customers to view reports and customize scans performed.
Crossfeed is a collaboration between the Cybersecurity and Infrastructure Security Agency and the Defense Digital Service.
Users only have to give Crossfeed a root domain, and it will discover related assets that they may not have been aware of before. Crossfeed can discover all related subdomains and help users understand when certain websites or webpages were unintentionally exposed.
Users can view detailed information about CVEs on the Vulnerabilities page, as well as mark vulnerabilities identified by Crossfeed with different statuses, such as “False Positive” or “Remediated.”
Users can view a list of which scans were performed on their assets and enable or disable certain scans at any time. Additionally, all Internet traffic from Crossfeed to customers’ assets are clearly marked and identifiable as so.
Users have access to a “Risk Summary” dashboard that has graphs / charts to highlight the most important vulnerabilities and assets to focus on.