Transparency is a critical feature for security tools. We want you to understand how MSJ Guardian works to help build your trust.
We send a verification email to you when you signup. When the validation link is submitted, we accept that you have access to the domain, and we queue your first report.
The first step in the scan is to identify your website. For example, if you sign up as firstname.lastname@example.org, the system will make a web request to msj.io and attempt to find the website that you direct users to. This final site is often www.yoursite.com, or www.msj.io in our case, but not always. Guardian then identifies if your site uses HTTPS and HTTP.
From there, the system queues several jobs to be processed to scan your site.
The second step is to identify hosts that have addresses on your domain. Host identification runs DNS queries against a list of common hostnames plus your domain name. For example, we look if mail.msj.io exists.
We queue additional jobs to run against the identified hosts.
There are now several additional jobs. Each one has a different task. Examples of functions are below.
And the list keeps growing as our toolset expands.
When all jobs have run, we mark the report as complete and notify you via email.
The output can be confusing. We're here to answer questions and help you improve while your questions also help us improve.