Research Shows 50% of SSH Exposure Found on Non-Standard Ports; Detectify Launches IP Range Scanning to Close Critical Visibility Gaps
Detectify, the Swedish application security testing platform built and trusted by hackers, has launched IP Range Scanning to continuously discover and monitor entire blocks of IP addresses, helping security teams find forgotten assets and hidden risks before attackers exploit them.
Many organizations are sitting on forgotten IP addresses that have become entry points for cyberattacks. While millions have been spent securing public-facing websites, legacy tools can miss large parts of the attack surface due to noise and stale data.
Detectify’s research shows how serious this gap is: SSH appeared on non-standard ports nearly as often as on port 22, suggesting that teams that only check standard ports may miss a significant number of exposed services. Additionally, high-risk services such as Redis and MongoDB are often exposed on raw IP addresses without associated domains, leaving them invisible to many traditional tools.
Detectify’s IP Range Scanning prioritizes high-fidelity discovery across large network segments, delivering greater accuracy and reducing blind spots. With this release, customers can benefit from:
- Onboarding entire CIDR blocks in seconds: Gain continuous visibility into the infrastructure behind their networks, from legacy systems to rapidly expanding environments.
- Identifying hidden services: Uncover everything from remote desktops and databases to web applications, powered by Protocol Discovery that goes beyond simple port detection.
- Bridging the gap to testing: When a web application is detected, Detectify automatically transitions to deep security testing.
“Security teams have been trapped between fast but shallow mass-scanners and slow, legacy enterprise tools that produce too much noise,” says Rickard Carlsson, CEO and Co-founder of Detectify. “We’re ending that era of guesswork. If it’s on your network, we will find it and verify if it’s actually exploitable.”
Scanning entire IP ranges, not just domains, gives organizations a more complete view of their exposed attack surface. Continuous discovery across those ranges helps teams identify forgotten or unmanaged assets early, improving visibility and reducing the risk that overlooked weaknesses will be exploited.
“We don’t believe in half-measures. You either see your entire network, or you’re vulnerable. We’ve built the technology to bridge the gap between domain monitoring and the underlying IP infrastructure, because a blind spot is just a breach waiting to happen,” Carlsson concludes.