Account Setup and Initial Seeding Account Setup and Initial Seeding

Account Setup and Initial Seeding

This page offers step-by-step instructions to sign up, add a root domain seed, and initiate continuous vulnerability scanning in Chariot.

Sign up

Navigate to https://preview.chariot.praetorian.com. Select your geographic region (United States - East in the image below) and click Continue to Login

first-landing-page.png

On the next page, click Sign up to create an account:

On the following page, provide your email address and choose a password that complies with the specified password policy. After clicking Sign up, Chariot will display a prompt for an email verification code.

Screenshot 2024-05-28 at 3.24.25 PM.png

Verify email address

The code is sent to your email address used in the sign up. It comes from no-reply@verificationemail.com and reads as follows:

Screenshot 2024-05-28 at 3.19.49 PM.png

Enter the verification code in the Confirm your account dialog. If successful, Chariot will sign you in immediately.

Please see the Signing up article for additional information.

 

Sign in and add the first seed

Upon first login, Chariot will present you with the following dialogue box to add your first seed. A seed is an origin point for Chariot to discover assets and risks. Your first seed will generally be your company's root domain, but seeds can also be CIDR ranges, individual hostnames or IP addresses, and Github organizations/repositories.

Add your organization's root domain in the initial prompt box. You can add your remaining seeds later:

Click Scan Now to add the seeds. Upon adding a new seed, Chariot will use the seed to enumerate assets, scan each asset for risks, and set a cadence to regularly scan each discovered asset. 

Chariot will take a few minutes to enumerate and scan your first seed. Feel free to grab a cup of coffee while Chariot does its work.

At this point, several definitions may be helpful for the reader:

  • Seed: A seed is a string that represents a starting point for Chariot to discover assets. Chariot can add seeds for root domains, hostnames, IP addresses, CIDR ranges, GitHub organizations, and more.
  • Asset: An asset is a publicly accessible entity that Chariot will regularly scan for risks. Most frequently, a Chariot asset represents one publicly accessible machine with a unique IP address, but assets can also represent GitHub repositories or certain cloud components.
  • Risk: A risk is an exploitable weakness that Chariot detects in one or more assets. 
  • Job: A job is a single task that Chariot runs to enumerate information in an environment. Some common examples include port scanning, TLS certificate mining, vulnerability scanning, and password guessing.

For more information on seeds, please refer to Adding and Managing Seeds.

Inspect your jobs

When you add a seed, Chariot initiates several jobs to enumerate information about the seed. You can monitor Chariot's jobs by clicking the bell icon in the top right corner of the browser window. 

Clicking View All brings you to the Jobs page, which lists all jobs in your account from the past 24 hours:

For each job, its status (Queued, Running, Completed, Failed) and associated metadata. For more information on jobs, please see Jobs

Inspect your assets

The first few jobs Chariot runs against a seed will enumerate assets. Discovered assets are populated under the Assets page, which is accessible from the Attack Surface menu in the top left corner:

Chariot uses a variety of techniques, such as DNS querying, sub-domain enumeration, TLS mining, web crawling, and proprietary scanners to enumerate your assets. Whenever Chariot detects a new unique IP address, it will create an asset item to represent it:

Clicking an asset brings up a details drawer, displaying associated metadata about the asset:

For more information on assets in Chariot, please refer to Managing Assets.

View risks

After enumerating assets in your environment, Chariot will scan each asset for risks. Each risk represents an exploitable weakness in your environment. Risks can include software vulnerabilities, server misconfigurations, weak credentials, and other potential issues.

You can view all risks in your environment from the Risks tab, accessible in the Attack Surface drop-down menu:

The Risks page displays each risk in a table, like so:

Our dedicated managed services team manually triages all detected findings, marking true positives as Open. You can trust that all Open findings represent 100% verified issues.

Click on a risk to inspect the details:

For more information on risks, please read Exploring and Managing Risks

View proof of exploit

The Proof of Exploit button provides detailed metadata for each risk:

Clicking this button reveals everything needed to independently recreate the finding, including the detection rule, command, and relevant request-response pair. This information acts as a "receipt" for each risk detected by Chariot:

Clicking the Copy Command button will copy the associated command from the Proof of Exploit metadata to your clipboard. You can paste this command directly into a terminal to independently verify the risk.

Congratulations

You have successfully set up Chariot - congratulations! You can now review the remaining documentation to take full advantage of the Chariot platform.

Articles in this section