Getting Started with Delve - Quick Start Guide

This article explains the first steps to get started with Delve.

Adding Internet-facing Perimeter Assets

  1. Navigate to the "Autodiscovery" View.
  2. Click on the "+" icon at the upper right corner to add a new public Internet-facing IP range.
  3. Specify the IP range in CIDR notation in the window that appears, leave the "Edge Service" selection to "None (Internet)".
  4. Leave other settings to their default value.
  5. Press "Add and discover now".
  6. Don't forget to whitelist our public IP range 74.217.31.64/26 if you have protections in place (IPS, WAF, DDoS, etc.).

Adding Internal Assets

Request a new Edge Service

  1. Download a Generic VM image that fits your environment (extract using 7-zip).
  2. Login to your Delve account, and navigate to the settings (clicking on the man-icon and choosing "Settings" from the dropdown).
  3. Select "Edge Services" from the left menu.
  4. Click on the "+" icon at the upper right corner to request the creation of a new Edge Service.
  5. In the window that appears:
    1. Select the "Configuration Only" option.
    2. Give your Edge Service a Name and a Description.
    3. Press "Submit".
  6. Wait a couple of minutes for a cogwheel icon to appear at the left of your Edge Service row in Delve, click on it to copy your Configuration URL.

    Install this new Edge Service Internally

    1. Follow the Edge Service Setup Instructions.
    2. Create a new virtual machine with enough RAM, CPU, and using the previously downloaded generic disk image.
    3. Make sure this new virtual machine has an initial DHCP network adress (as specified in the Setup Instructions).
    4. Boot this Edge Service VM.
    5. Connect to the temporary configuration interface of the Edge Service VM and use your Configuration URL to finish the setup.
    6. Once setup, reboot the VM and wait 5 min to make sure it connects to Delve. The console status display, and the icon indicator in Delve should be green.

    Add your Internal (RFC1918) IP Ranges

    1. Navigate to the "Autodiscovery" View.
    2. Click on the "+" icon at the upper right corner to add your internal (RFC1918) IP range.
    3. Specify the IP range in CIDR notation in the window that appears, and select the newly created Edge Service in the "Edge Service" section. The connectivity icon should be green.
    4. Leave other settings to their default value.
    5. Press "Add and discover now".

    Managing Vulnerabilities

    By using the Vulnerabilities View

    1. Navigate to the "Vulnerabilities" View.
    2. Ensure that the vulnerabilities are sorted by "Priority" with the "1" on top of that list.
    3. Start by consulting vulnerabililities in that prioritized order, with the following simple workflow:

    Verify that the vulnerability is not a false positive (confirm the installed software and/or the vulnerable URL).

    • If it's a false positive, mark it as such and go to treat the next vulnerability.
    • If the vulnerability severity level is not the right one according to your judgement, you can update it and go to treat the next vulnerability.

    Update the vulnerable software and/or the vulnerable piece of Web application code.

    • You might need to extract the vulnerability information to communicate it to a sysadmin or Web developer, you can do so by selecting the vulnerability and using the "export" function at the top, in PDF or CSV format.

    Wait for the scans to update this vulnerability (if it is remediated it will dispapear from this view), or request an immediate re-scan of the asset.

    • If the vulnerability cannot be remediated, you can choose to snooze it for a specific period of time
    • If the vulnerability is remediated (software was updated and/or Web application code isn't exploitable anymore) but still appears in Delve after a successful scan of the same asset, you can mark it as a False-Positive.