Skip to content

Quick Start

Getting Started

This guide walks you through signing up and getting your first meaningful monitoring coverage set up in about 10 minutes.

Step 1 — Create your account

Go to app.nob.center/signup and fill in:

  • Company Name — your organization's name (3–100 characters)
  • Starting Domain — the root domain you want to monitor first, e.g. example.com
  • Email Address — a verification link will be sent here
  • Password — minimum 8 characters

Accept the Terms of Service and click Create Account.

quickstart-signup-form.png

The signup form at app.nob.center/signup

You will receive a verification email. Click the link in the email to activate your account and land on the dashboard.

Note

The starting domain you enter is used to pre-populate your first CT-Log filter (wide match for yourdomain.com). You can add more domains immediately after signup.

Step 2 — Explore the dashboard

After email verification you land on the Dashboard. On a fresh account the audit score panels will show placeholder data — they populate after your first monitoring data arrives.

quickstart-dashboard-fresh.png

Dashboard immediately after signup, before monitoring data has been collected

The sidebar shows the four monitoring modules. Your starting domain is already registered as a CT-Log filter — you'll see certificate matches here within hours as CT logs are tailed in real time.

Step 3 — Add CT-Log filters

Navigate to Certificate Transparency in the sidebar.

The Domain Filters table already contains a wide-match filter for your starting domain. A wide match for example.com catches certificates for example.com, www.example.com, api.example.com, and any other subdomain.

To add additional domains or refine your coverage:

  1. Click Add Filter
  2. Enter a pattern — e.g. *.example.com or subsidiary.com
  3. Choose Wide (includes all subdomains) or Exact (exact domain only)
  4. Optionally enable the Feed into DNS Watcher or Feed into Cert Watcher toggles to route newly-seen domains into those modules automatically
  5. Click Save

quickstart-add-filter.png

The Add Filter modal with wide match selected

Tip

Use wide match for root domains you own. Use exact match when you want to track one specific hostname without catching all subdomains.

Step 4 — Set up DNS monitoring

Navigate to DNS Monitoring in the sidebar.

  1. Click Add Domain
  2. Enter a root domain, e.g. example.com
  3. Leave Auto-discover checked (recommended) — the system probes for common record types and suggests which ones to track
  4. Click Save

After saving, a modal shows the discovered records. Review the list and check the ones you want to monitor. Typical starting selections:

  • example.com A, MX, NS, TXT
  • example.com CAA (if you have a CAA record)
  • Key subdomains that appeared in your CT-Log feed

quickstart-dns-add-domain.png

The Add Domain modal with auto-discover enabled

quickstart-dns-record-selection.png

Selecting records to monitor after auto-discovery

Once records are saved, DNS-Watcher begins taking snapshots on its scheduled cycle. Changes will appear in Recent DNS Changes as they are detected.

Step 5 — Add RDAP monitoring

Navigate to RDAP / WHOIS in the sidebar.

  1. Click Add Domain
  2. Enter the root domain
  3. Click Save

That's it — no record selection required. The scraper fetches the full RDAP record from the registry on each cycle and stores a snapshot. You can view the current snapshot and compare to previous ones using the History viewer.

quickstart-rdap-add.png

Adding a domain to RDAP monitoring

Step 6 — Set up certificate deployment monitoring

Navigate to Certificate Deployment in the sidebar.

  1. Click Add Monitor
  2. Enter the Common Name — the hostname the certificate should be valid for, e.g. www.example.com
  3. Set the Port (default: 443)
  4. For automatic IP resolution: enter the hostname in Target DNS Name — the scanner will resolve it and scan all resulting IPs
  5. Alternatively, enter IP addresses manually under Manual IP Targets
  6. Click Save

quickstart-cert-add-monitor.png

Adding a certificate monitor with DNS-based auto-resolution

The scanner will connect to each target IP on the next scheduled cycle and store the certificate details, protocol information, and cipher suite data.

Step 7 — Create your first alert rule

Every module has its own alert rules. Start with a high-value rule: get notified when a new CT certificate is issued for your domain by an unexpected CA.

Navigate to Certificate Transparency → Alert Rules.

First, create a template

  1. Click New Template
  2. Give it a name, e.g. Email - Security Team
  3. Set Frequency Mode to Immediate
  4. Add an Email destination and enter your email address
  5. Click Save Template

Then, create a rule

  1. Click New Rule
  2. Name it, e.g. Unexpected issuer
  3. Set Severity to High
  4. Select the template you just created
  5. In the Condition editor, enter:
!cert.issuer.contains("Let's Encrypt") && !cert.issuer.contains("DigiCert")

Adjust the issuers to match your expected CAs.

  1. Click Save Rule

quickstart-alert-rule-editor.png

The alert rule editor with CEL condition and Monaco editor

Tip

The rule editor's Available fields hint lists every variable your CEL expression can reference. See Alerting Model for a full reference.

Step 8 — Review the dashboard

Return to the Dashboard. Within 24 hours of your first monitoring data arriving, the audit snapshot will begin to populate with:

  • An overall score (A–F)
  • Category breakdowns (CT coverage, DNS, Certificates, RDAP)
  • Open findings — specific issues detected by the rule engine
  • Notable activity — recent changes across all modules

quickstart-dashboard-populated.png

Dashboard with audit score and findings populated

What's next?