External Attack Surface Assets and Reports
Use the External Attack Surface > Assets page to manage the assets that EASM is monitoring. When you add a seed, Ivanti’s internet exposure scanner will assess that seed’s attack surface, and the associated asset and exposure information will show on this page.
External Attack Surface pages in Ivanti Neurons will not show data initially. You first need to provide seed links to your organization's presence on the internet.
At the top of the page are your Assets categories:
- Assets (all)
- Cloud assets
- Active assets
- SaaS assets
- Name & mail servers
Selecting a blue number in an indicator applies a filter in the Assets list so it shows only those items. Select the filter button on a column header to see its selectable filters. The column chooser button to the left of the search field lets you select which columns are visible.
Quick Filters at the top of the table provide additional filtering based on data gathered from your assets. The available selections within a quick filter depend on what EASM has detected in your assets. Quick filters work in combination with column filters.
Viewing asset details
Selecting an asset in the list takes you to the details page for that asset. This page includes information in these categories:
- Exposures: If available, exposure information. Select an item in the Observation column to see details about that exposure and a list of assets affected by it.
- Tech stacks: If available, the technology and software stacks detected on the asset.
- Who is: If available, whois record information for the domain associated with the asset, such as who owns it, contact information, and when it was registered.
Setting asset criticality
Use asset criticality to organize your assets by importance. Asset Criticality is a column in the assets table that you can filter. Asset criticality does not affect vulnerability scoring. It's purpose is to help you prioritize your assets while viewing the Assets page. 3 - Neutral is the default criticality for discovered assets.
Available criticality levels:
- 1 - Business Critical
- 2- Important
- 3 - Neutral
- 4 - Minor
- 5 - None
You can assign criticality on an individual asset by selecting it, which opens the asset details page. In the Criticality section, select Update. Select the criticality you want.
To assign a criticality to multiple assets, select the ones you want by checking the box next to them. Select Update Criticality at the top of the table and select the criticality you want.
Creating an asset and exposure report
Use the External Attack Surface > Reports page to generate a PDF report on all assets and exposures. These reports can be quite large and may take a while to generate. Generating a report can be helpful when you need to share EASM data with others in your organization who may not have access to Ivanti Neurons.
The reports list will indicate whether the report status is In Progress or Complete. In progress reports can be cancelled. Once the report status is complete, use the action menu on the right to either Download it or Delete it.
The report includes information in many categories, including these:
- Attack surface overview
- Asset distribution
- Key exposures
- Technology stacks
- Exposures and remediations by risk vector
- Data leaks
- Networking, cloud, email, and application security