FAQ

General

What is ShadowMap?

ShadowMap is an External Attack Surface Management (EASM) platform that continuously discovers, monitors, and helps you manage your organization's external digital risk exposure.

How often does ShadowMap scan?

ShadowMap runs continuous scans. The frequency varies by module — some checks run hourly, others daily or weekly depending on the data source and scan type.

What data sources does ShadowMap use?

ShadowMap combines active scanning (DNS, port scanning, web crawling) with passive intelligence collection (certificate transparency logs, dark web monitoring, threat feeds, breach databases).

Findings and Alerts

What do the severity levels mean?

• Critical — Immediate risk requiring urgent action (e.g., exposed plaintext credentials, active data breach)
• High — Significant risk requiring prompt attention (e.g., exploitable vulnerability, active phishing site)
• Medium — Moderate risk that should be addressed (e.g., SSL misconfiguration, exposed code repository)
• Low — Minor risk for awareness (e.g., information disclosure, domain squatting without active content)

Why do trend colors use red for up and green for down?

ShadowMap uses threat semantics: red means more threats (bad), green means fewer threats (good). This is intentionally the opposite of financial charts where green=up is positive.

What does "False Positive" mean?

A false positive is a finding that ShadowMap flagged but is not actually a security concern. You can mark findings as false positive to exclude them from dashboards and reports.

Account and Access

How do I reset my password?

Click "Forgot Password" on the login page and follow the email instructions.

What roles are available?

ShadowMap has three roles: Admin (full access), Manager (access to modules with limited settings), and Analyst (access to assigned modules only).

How do I enable 2FA?

Navigate to My Account > Security and click Enable 2FA. See First Login for a full walkthrough.