What is External Monitoring?
External Monitoring is a feature that helps you understand your organisation's security posture from an outside perspective. It currently scans your port, email, web and DNS security configurations to identify potential security improvements.
To quickly get started using External Monitoring, you can do the following:
Visit the External Monitoring section in your Risk Ledger account
Verify/add your assets
Check your security findings
Below, we'll unpack the scan categories, how to add/verify assets and how to check your findings.
Scan Categories
External Monitoring continuously scans publicly accessible parts of your organisation’s digital footprint to identify common security risks, including:
Web, Email and DNS Scans:
Web security checks (TLS, CSP, HSTS, HTTP headers)
Email authentication (SPF, DKIM, DMARC)
DNS configuration checks
Port Scans:
50+ critical ports including Remote Access, Database, Web Services & Management, File Sharing, and Infrastructure
These checks help highlight potential exposures that could be visible to attackers and provide early visibility so they can be reviewed and addressed where necessary.
To check your scans, navigate to Monitoring > Scan Categories.
Full Guide: Scan Categories and Technical Configurations
Assets
As part of External Monitoring, Risk Ledger may automatically discover internet-facing assets associated with your organisation.
New assets may appear over time as your organisation’s external footprint changes.
You should review newly discovered assets to confirm whether they belong to your organisation.
Verify assets that belong to you so they can be included in ongoing monitoring.
Exclude assets that are not yours to keep your asset list accurate.
Keeping your assets reviewed and verified ensures monitoring reflects your organisation’s real external exposure.
To check your Assets, navigate to Monitoring > Assets.
Full Guide: Verifying your Assets
Findings
External Monitoring scans may generate findings, which highlight potential security exposures or configuration issues detected on your organisation’s internet-facing assets. These findings help you quickly identify areas that may require review or remediation, improving visibility over your external security posture.
Each finding is assigned a severity level (for example: critical, high, medium, or low) to help prioritise what should be investigated first. This makes it easier to focus on the issues that may present the greatest potential risk.
To check your findings, navigate to Monitoring > Findings.
Full Guide: Checking your Findings
Privacy & Security
Who can see my scan results?
Scan results are visible to External Monitoring customers, which allows them to see scan results alongside your assessment on Risk Ledger. This will help you:
Demonstrate your security posture with objective data
Support your assessment responses with evidence
Show your commitment to security improvements
Is the scanning process secure?
Yes. Our scanning process:
Follows industry best practices for security testing
Only checks publicly available security configurations
Never attempts to exploit vulnerabilities or access private data
What data do you collect?
We only collect information from public DNS records and web server responses, similar to what any web browser would receive. This includes:
Email security configurations (SPF, DMARC)
Web security headers
SSL/TLS certificate information
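The SPF, DMARC and web header signals listed above can be reviewed offline once you have looked them up for one of your own assets. The following is an added example, not Risk Ledger's scanning logic or code: the function names, the pass criteria and the sample records are assumptions constructed for illustration.

```python
import re

def check_spf(txt):
    """SPF (RFC 7208): txt holds the TXT records of the domain itself."""
    spf = [r for r in txt if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return ["SPF: expected exactly one v=spf1 record, found %d" % len(spf)]
    terms = spf[0].lower().split()[1:]
    if any(t.startswith("redirect=") for t in terms):
        return []  # policy is delegated to another record; not followed here
    if "-all" in terms or "~all" in terms:
        return []
    return ["SPF: no -all or ~all mechanism"]

def check_dmarc(txt):
    """DMARC (RFC 7489): txt holds the TXT records at _dmarc.<domain>."""
    recs = [r for r in txt if r.lower().replace(" ", "").startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["DMARC: expected exactly one v=DMARC1 record, found %d" % len(recs)]
    pairs = (p.split("=", 1) for p in recs[0].split(";") if "=" in p)
    tags = {k.strip().lower(): v.strip().lower() for k, v in pairs}
    if tags.get("p") not in ("quarantine", "reject"):
        return ["DMARC: policy is %r, so no enforcement is requested" % tags.get("p")]
    return []

def check_headers(headers):
    """Response headers of the HTTPS site, as a name -> value mapping."""
    h = {k.lower(): v for k, v in headers.items()}
    out = []
    m = re.search(r"max-age\s*=\s*\"?(\d+)", h.get("strict-transport-security", ""), re.I)
    if not m or int(m.group(1)) == 0:
        out.append("HSTS: header missing or max-age is 0")
    if "content-security-policy" not in h:
        out.append("CSP: header missing")
    return out

def review(asset):
    """Run all three checks and return the combined list of findings."""
    return (check_spf(asset["txt"]) + check_dmarc(asset["dmarc_txt"])
            + check_headers(asset["headers"]))

# Constructed sample data for a hypothetical asset (not real scan output).
SAMPLE = {
    "txt": ["v=spf1 include:_spf.example.net ?all", "site-verification=constructed"],
    "dmarc_txt": ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"],
    "headers": {"Strict-Transport-Security": "max-age=31536000", "Server": "nginx"},
}

if __name__ == "__main__":
    print("\n".join(review(SAMPLE)))
```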
Can I add or remove assets to scan?
Yes, you can manage your assets at any time through the External Monitoring interface.
Please note that we use the website registered on your profile as the initial system asset. To change it, update the website on your profile.
You may also make assets inactive if they are no longer in use.
How often are scans performed?
DNS and Web security checks (TLS, CSP, HSTS, HTTP headers) run weekly
Email security checks (SPF, DMARC, DKIM) run weekly
Port security checks run weekly
Suppliers can manually trigger a rescan of email security checks at any time, directly from a finding.
💡 If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.