Attack Surface Exposure (ASE) Overview
The Attack Surface Exposure (ASE) scans publicly exposed domains, subdomains, and digital assets for vulnerabilities and misconfigurations. These publicly exposed systems can be potential entry points for attackers. When onboarding customers onto the Resolution Intelligence Cloud platform, two key details are collected: the domain name and the email domain. Using these details, the ASE automatically discovers publicly accessible or exposed digital assets, scanning for potential problems or weaknesses that could be exploited by hackers.
Adding and Monitoring Additional Assets
The Resolution Intelligence Cloud interface allows users to add additional domains, IP addresses, and subdomains that were not automatically detected by ASE. If you want to monitor additional domains, you can manually add them in Discovery policies. Whenever the ASE runs its scans, it also checks the additional assets (domains, sub domains or IPs) specified in the Discovery policies for threats or misconfigurations. Customers can view the list of monitored domains, sub domains, squatted domains, IPs and other vulnerabilities in the Discovery Policies tab of the Attack Surface Exposure dashboard.
Excluding Assets from Monitoring
There is also an option to exclude certain domains and subdomains from being monitored. This can be useful if an IP address no longer belongs to the customer. Using the exclude functionality in Discovery policies, customers can specify assets to be excluded from scans. As a result, any signals created for these IP addresses will be closed, and no new alerts will be generated.
Customer Plans and Limits
Each customer subscribes to a plan that allows them to add a maximum number of domains and subdomains. For example, if the plan supports a maximum of 5 domains and 250 subdomains, customers needing to add more domains should upgrade their plan.
Comments
0 comments
Please sign in to leave a comment.