ASM Scanner Enhancements Arrive in the BreachLock Unified Platform

At BreachLock, we’re committed to delivering proactive security capabilities through a unified platform that evolves with the threat landscape. With the latest release of NGPTaaS v.2.5.0, we’re introducing meaningful improvements in Attack Surface Management (ASM) that helps customer identify risk, act faster, and stay ahead of attackers.

This release, the second major upgrade since v2.4.0, expands our ASM scanning capabilities and streamlines communication through subscription expiry notifications. These updates are designed to empower security teams with deeper visibility, better automation, and a more intuitive user experience. Let’s take a closer look.

I. Deeper Visibility: TLDs, External Services, and IP Abuse Detection

Identifying and monitoring your attack surface is foundational to preempting threats especially as adversaries increasingly exploit domain-related weaknesses. That’s why our domain discovery scans now go further automatically check for:

• Top-Level Domains (TLDs) associated with your environment
• External services running on your domains
• IP abuses linked to those assets linked to the surface domain

Those enhancements let you uncover shadow assets, unexpected services, and signs of compromise early in the lifecycle. Here’s what’s new:

• When a domain discovery scan is trigged on a domain, it now initiates two additional scans: asm-tld and asm-ext-service.
• Results are integrated and trackable via the scan status page. The scan gets executed along with the Domain Discovery scan itself.
• Once complete, you’ll see IP abuse data populated in the Asset Discovery dashboard.
• Discovered TLDs appear in the Domain Details section under both Asset Discovery and APT Scans.
• External Services now have a dedicated tab, making it easier to isolate and investigate any exposed or unapproved services.

These insights make it significantly easier for security teams to reduce unknowns in their attack surface and take action with confidence.

(Image 1: TLDs, External Services, and IP Abuse Detection)

II. Stay Ahead of Expiration with Subscription Email Alerts

Knowing when your subscription ends is critical to ensuring no lapses in security coverage, especially when operating under tight compliance or testing timelines. To help your admins stay informed, the platform will now send an automated email notification at the end of the subscription expiry date.

This alert gives you the opportunity to:

• Add credits before they run out
• Renew your subscription
• Avoid disruptions in your testing cycle

It’s a small but essential improvement that supports continuous security without interruption or guesswork.

(Image 2: Email notification of subscription expiry)

Always Innovating, Always Focused on You

This update reinforces BreachLock’s mission to provide security teams with tools that are adaptive, intelligent, and deeply integrated. As we look ahead to the future platform releases in 2025, our focus remains on delivering smarter, faster, and more effective solutions to help you proactively defend against a constantly evolving threat landscape.

With NGPTaaS v2.5.0, you’re one step closer to full-spectrum offensive security, driven by real insights, better automation, and a unified user experience.

Author

Ann Chesbrough

Vice President of Product Marketing, BreachLock