Introducing Apex Discovery to secure every domain you actually own

Detectify

A Detectify UI dashboard displaying asset discovery metrics and a data table. At the top, three summary cards display metrics: "Total assets" at 1,193; "Monitored assets" at 1,166 (98% of total); and "Active assets" at 1,137 (98% of monitored, 95% of total). Below the cards, a navigation menu has tabs for "Root assets", "Subassets", and the currently selected "Discovered Roots". A filter section below the tabs shows a search bar and an active filter set to "Status is any of Pending". At the bottom, a data table shows a single row with the domain name "io-ext.se", discovered via the methodology "SSL SAN", with 2 seeds, first seen "7 days ago", and carrying a "Pending" status badge.

Most tools will only test the domains you already know about. We’ve decided that’s not enough.

TLDR: Detectify’s new Apex Discovery automatically identifies root domains likely to belong to your organization (from M&A, subsidiaries, and shadow IT) for complete security coverage. Review and confirm our curated suggestions in a click, and instantly start protecting them with the same continuous discovery and vulnerability assessment as the rest of your attack surface. Detectify does the heavy lifting while your team stays in control.

You might own a domain from a startup you acquired three years ago, a regional variant of a subsidiary registered without telling security, or a marketing microsite someone spun up and forgot. 

Most organizations simply don’t have a complete picture of their attack surface, and every unmonitored domain is a blindspot that can quietly harbor vulnerabilities no one is watching. Your existing tooling can only monitor what you feed it, which means your real attack surface is almost always larger than the one you’re watching. 

We believe knowing your known domains isn’t enough. To truly secure your attack surface, you first have to know how big it actually is, and that starts at the apex.

We have launched Apex Discovery, a core enhancement to attack surface management in Detectify. This isn’t just a WHOIS lookup; it’s a custom-built attribution engine that connects domains to your organization using multiple ownership signals directly into your Detectify workflow. 

Engineering a better attribution engine

A key part of what we do at Detectify is building unique solutions that provide significantly more value to your team than standard tooling. Apex domain attribution is a genuinely hard, under-researched problem, and it’s even harder in the EU, where GDPR limits most of the ownership signals in WHOIS data. That’s exactly the kind of problem we like to solve:

  • Automated attribution techniques combined: Rather than relying on a single data point, we combine multiple signals to connect domains back to your organization, casting a wide net.
  • High-confidence candidates, not noise: Domain ownership can’t be proven with 100% certainty by a machine, so instead of dumping raw results on you, we filter through various attribution methods to curate candidates with high confidence, surfacing the ones most likely to be yours so you can review and verify ownership. 
  • Uncovering the invisible: Domains from M&As, subsidiaries, and shadow IT are most likely to be unmonitored and quietly contain risk. With Apex Discovery, you can find vulnerabilities continuously with the same security as for your other domains.

How does Apex Discovery work?

Because attribution is probabilistic, we built the workflow around review and verification rather than blind automation. From your highly curated list of candidates, you can:

  • Confirm the domains that belong to your organization.
  • Add confirmed domains as assets to your team in a single step.
  • Verify ownership of those assets.
  • Dismiss anything that isn’t yours, so your list stays clean, and your next review is always sharper.

This semi-automated approach means you get the reach of automated discovery without giving up control over what actually lands in your inventory.

UI example of Apex Discovery in the Detectify tool

Automatically identify apex domains belonging to your organization for a complete external security coverage, and review curated domain suggestions.

What’s new in your dashboard?

We’ve integrated Apex Discovery directly into your Surface Monitoring workflow to make it actionable:

  • A curated candidates list: A dedicated place to review potential apex domains attributed to your organization.
  • One-click confirmation: Confirm a domain and add it as an asset in the same motion, then move straight into ownership verification.
  • Full coverage from day one: The moment you confirm and start scanning a domain, it inherits the same continuous discovery and vulnerability assessment you already rely on for your known assets, with the possibility of always adding configuration on the new root. 
  • Dismiss and refine: Clear out domains that aren’t yours to keep future suggestions focused and relevant.

Get started

The best way to understand your exposure is to see how much of it you didn’t know about. Head to your Detectify dashboard to review the apex domains we’ve attributed to your organization, confirm what’s yours, and bring it under continuous control.

Book a demo to talk to our experts or start a 2-week free trial to see it in action.

Check out more content