Frequently Asked Questions

Find answers to common questions about RedGem's security monitoring platform, coverage capabilities, and technical specifications.

What is your IPv4/IPv6 coverage?

Coverage

RedGem provides comprehensive global IP address coverage with enterprise-grade scanning capabilities. We continuously scan the entire IPv4 address space (~3.8 billion unique IPs) and an extensive portion of the IPv6 address space (~300 million unique IPs). Our data is fully IPv4 & IPv6 compliant, with clear identification of data types through our IPv6 field indicator. This includes DNS resolution data for both IPv6 & IPv4 addresses, providing complete visibility across all internet protocols.

How many different ports are scanned?

Scanning

We scan over 1,300 ports across all monitored assets, with our comprehensive port list available in our technical documentation. This extensive list is regularly updated and expanded to include new high-value ports. We prioritize "interesting ports", meaning those that are actively exploited by cybercriminals in the wild, ensuring our scanning focuses on the most security-relevant services and potential attack vectors.

How often do you scan and update data?

Monitoring

RedGem performs continuous monitoring with different scan frequencies based on asset criticality and change patterns. Critical assets are scanned multiple times daily, while standard assets receive comprehensive scans every 24-48 hours. Our real-time monitoring system immediately alerts you to any significant changes in your attack surface.

How accurate and reliable is your scanning data?

Quality

Our scanning infrastructure utilizes distributed global sensors and advanced detection algorithms to ensure high accuracy rates. We cross-validate findings across multiple scan sources and employ machine learning to reduce false positives. Our data accuracy rate exceeds 98% for active services and open ports.

How does automated asset discovery work?

Discovery

RedGem's asset discovery engine combines multiple techniques including subdomain enumeration, certificate transparency logs, DNS reconnaissance, and passive network analysis. We continuously discover new assets associated with your organization and automatically add them to your monitoring scope.

How long is historical data retained?

Data

We maintain comprehensive historical data for all monitored assets. Standard accounts receive 12 months of historical data, while enterprise accounts can access up to 24 months. This enables trend analysis, compliance reporting, and forensic investigation capabilities.

What is the source IP distribution for your scans?

Infrastructure

RedGem utilizes a globally distributed scanning infrastructure with IP addresses strategically positioned across multiple continents. Our scanning network includes nodes in Europe, the United States, Hong Kong, and Singapore, providing diverse geographical perspectives of exposed devices and services. This multi-location approach enables us to detect region-specific accessibility patterns and network configurations. Our platform includes advanced filtering capabilities that allow you to view scan results from specific geographic locations, providing valuable insights into how your assets appear from different parts of the world.

Do you provide TLS certificate data?

Security

Yes, RedGem provides comprehensive TLS certificate information through two primary data categories. In our datascan category, we actively negotiate TLS connections across specific ports and maintain detailed certificate data including validity periods, issuer information, and cryptographic details. Additionally, we leverage Certificate Transparency Logs (CTL) as a major source of DNS-related intelligence, providing extensive certificate discovery and monitoring capabilities. This dual approach ensures complete visibility into both active certificate deployments and historical certificate transparency records.

Do you provide information about identified operating systems, products or technologies?

Detection

RedGem delivers extensive technology identification capabilities across multiple scanning categories. For synscan operations, we provide detailed OS fingerprinting covering major operating systems including Linux, Windows, SunOS, FreeBSD, and others. Our datascan category identifies approximately 20,000 distinct software and hardware technologies using standardized CPE (Common Platform Enumeration) normalization. Furthermore, we perform comprehensive CVE (Common Vulnerabilities and Exposures) lookups to identify potential security exposures, focusing exclusively on remotely exploitable vulnerabilities that require no authentication and have a CVSS score of 7.5 or higher, ensuring relevance to critical security threats.
