Introduction to FortWatch
What is FortWatch?
FortWatch is a continuous vulnerability monitoring platform that scans your domains and IP addresses for security weaknesses. It combines industry-standard scanning engines — Nuclei for vulnerability detection and Nmap for port and service discovery — into a single, automated workflow.
How It Works
At its core, FortWatch follows a straightforward process:
- Add your assets — Register the domains and IP addresses you want to monitor.
- Automatic validation — FortWatch verifies each asset is reachable via DNS resolution, HTTP checks, and CDN detection.
- Continuous scanning — Once validated, assets are scanned on a configurable schedule (daily, weekly, or monthly).
- Findings and issues — Scan results are organized into findings (raw scanner output) and issues (tracked, actionable items that need attention).
- AI-powered analysis — Get detailed remediation guidance and risk assessments powered by AI.
Key Concepts
- Projects — Organize your assets into logical groups with color-coded icons.
- Assets — Individual domains or IP addresses that FortWatch monitors.
- Findings — Raw output from scanners, representing every detected vulnerability or open port.
- Issues — Tracked, actionable security items automatically created from critical and high-severity findings.
- Threat Level — A 0-100 score that represents the overall security posture of your infrastructure.
What FortWatch Scans For
FortWatch detects a wide range of security concerns including:
- Known vulnerabilities (CVEs) in web applications and services
- Missing security headers (Content-Security-Policy, X-Frame-Options, etc.)
- SSL/TLS misconfigurations and certificate issues
- Open ports and exposed services
- Web server misconfigurations (Nginx, Apache)
- Service version detection for outdated software
- OS fingerprinting to identify unpatched systems