Welcome to Chariot!
This page offers step-by-step instructions to sign up and get started in Chariot.
Sign up
Navigate to https://chariot.praetorian.com/login.
On your initial visit to Chariot, you have the option to sign in, sign in with Single Sign On (SSO), sign in with Google, or--if you are a new user--sign up.
As a new user, you can sign up for a free account by clicking Sign Up. When you click Sign up, you will move to the Sign up (rather than Sign in) page. You know you're in the right place when it says "Sign up for a Free Account."
The Sign Up page will take an email and a password. Once you enter a valid email and password, we will send you an email with a verification code to confirm the email you entered.
When you click Continue you will be prompted for the code that was sent to the email you used to Sign Up.
Your verification email will come from chariot-noreply@praetorian.com with the subject "Your verification code".
When you enter the code into the boxes provided, you will be authenticated into Chariot. Upon accessing Chariot for the first time, you will be presented with the Overview page:
This marks the beginning of your Chariot journey!
Set Your Root Domain
As you can see, you are prompted to set your root domain. In Chariot, your domain (e.g., MyWebsite.com) is referred to as an Asset. Once you add your root domain, Chariot will begin its search to find more of your Assets. Adding and starting the discovery process for more Assets means you're already already engaged in Attack Surface Management.
You may notice that there are two options below where you would enter your domain.
- Select Discovery Only to instruct Chariot to perform Asset discovery only. Chariot will scan the provided domain and engage a variety of techniques to discover additional Assets associated with that domain.
- Select Vulnerability Scan to perform Asset discovery and vulnerability scanning. In addition to discovering associated Assets, Chariot will scan all identified Assets with a robust suite of vulnerability detection capabilities. There is still a more comprehensive level of scanning, though, so keep this in mind if you'd like to dig deeper for vulnerabilities within your attack surface.
Build Your Attack Surface
After you've added your root domain, click on Build Your Attack Surface. This will allow you to begin the process to integrate a wide variety of services and expand the extent of your attack surface in Chariot. If there is a provider that you do not see in the list, reach out to support@praetorian.com.
Once you have clicked on the services you would like to integrate, the overview screen will you to set up each.
Note: If you would like to integrate more than one account for a provider, you can enter the ID for that account and then add another of the same type.
Whether you add additional services or not, Chariot will search out and add Assets related to your root domain.
Another note: You can manually add more Assets from the Assets page with the + Add Assets button.
With you attack surface building, you can set up notifications and workflow applications.
Set Risk Notifications
Click on Set Risk Notifications to set up Chariot alerts in your communication and workflow applications.
You can set up thresholds for alerts and where you want to receive them with a variety of integrations here. You can chose as many alert paths as you like.
You can also set up Chariot to send information into ticketing systems like Jira or ServiceNow so that vulnerabilities can be pushed right to your preferred platform to track remediation.
Note: Like with attack surface integrations, if you would like to integrate more than one account for a provider, you can enter the ID for that account and then add another of the same type.
Congratulations
You have successfully set up Chariot - congratulations! You can now review the remaining documentation to take full advantage of the Chariot platform.