External Attack Surface Assets

Use the External Attack Surface > Assets page to manage the seeds and assets that EASM is monitoring.

External Attack Surface pages in Ivanti Neurons will not show data initially. You first need to provide seed links to your organization's presence on the internet. Adding a seed lets Ivanti’s internet exposure scanner start assessing that seed’s attack surface. As EASM gathers data, associated asset and exposure information will show on this page and in the rest of EASM. This can take up to an hour or so.

At the top of the page are your Assets categories:

  • Assets (all)
  • Cloud assets
  • Active assets
  • SaaS assets
  • Name & mail servers

Selecting a blue number in an indicator applies a filter in the Assets list so it shows only those items. Select the filter button Image showing a button that looks like a funnel on a column header to see its selectable filters. The column chooser button Image showing column chooser button to the left of the search box lets you select which columns are visible.

Viewing asset details

Selecting an asset in the list takes you to the details page for that asset. This page includes information in these categories:

  • Exposures: If available, exposure information. Select an item in the Observation column to see details about that exposure and a list of assets affected by it.
  • Tech stacks: If available, the technology and software stacks detected on the asset.
  • Who is: If available, whois record information for the domain associated with the asset, such as who owns it, contact information, and when it was registered.

Adding and removing external attack surface seeds

Select the Manage seeds button on the Assets page to add or remove seeds for your organization.

Seed types that you can add include:

  • Domains
  • Hosts
  • URLs
  • APIs
  • Netblocks
  • ASNs (Autonomous System Numbers)

Seeds that you add must be accessible from the public internet, since that is where Ivanti’s vulnerability scanner operates. You can add seeds for organizations on the internet other than yours, but note that asset and exposure data gathered from those seeds will be part of your attack surface assessment.

To add a seed, select the Add seed button, select the Seed type, and enter the Seed name. You can add as many seeds as you need. Ivanti's exposure scanner uses the seed name to locate the internet resource you are adding. If the seed name is not resolvable, the exposure scanner will not be able to find it.

Removing a seed removes its asset and exposure data from EASM. To remove a seed, use its options menu and select Remove seed.