External Attack Surface Exposures

Use the External Attack Surface > Exposures page to view details on exposures detected by EASM.

At the top of the page are your Exposures key performance indicators:

  • Exposed internal assets
  • High risk services
  • Ransomware
  • RCE/PE (Remote Code Execution/Privilege Escalation)
  • Email and IP breaches
  • CISA KEVs (Known Exploited Vulnerability)

Selecting a blue number in an indicator applies a filter in the Exposures list so it shows only those items.

Filtering the exposures list

You can filter these exposure list columns:

  • Severity, such as high or critical.
  • Vector, such as data leaks or patching cadence.
  • Status, such as open or closed. A closed status means the vulnerability was not detected.
  • Tags, such as ransomware or public.

Select the filter button Image showing a button that looks like a funnel on a column header to see its selectable filters. The column chooser button Image showing column chooser button to the left of the search field lets you select which columns are visible.

Use the Export button to export the exposures list to Excel (.xslx) or text (.csv). Any column filters you have applied will also apply to the export.

Viewing CVE details

Selecting an exposure CVE number in the list takes you to the details page for that CVE. This page includes extensive information in these categories:

  • Summary: Links to relevant patches, release notes, vendor and third-party advisories.
  • Vulnerabilities: Lists the CVEs associated with the exposure you selected. Some exposures have more than one CVE. Common Weakness Enumerations (CWE) are also listed, along with the platforms affected.
  • Threats: Lists the threats associated with the CVE and links to sites with more details.
  • Fixes: Links to fixes for the exposure. Not all CVEs have fixes. This section will not appear if no fixes are available, but you can still refer to the recommended patches section in the summary.
  • Impacted assets: Lists the assets affected by the CVE.

Marking an exposure as resolved

When you know that you have fixed an exposure, you can mark it resolved. Resolving an exposure removes it from the Exposures list. Data from exposures with a resolved state also contribute to many of the widgets on other pages.

To mark an exposure as resolved

  1. Select Attack Surface > Exposures.
  2. Find the exposures that you want to mark.
  3. In the Resolve column, select the box next to those exposures.
  4. Select the Resolve button at the top of the list.
  5. The resolve exposures box appears. Select the reason you are marking them fixed and enter a summary of the resolution.
  6. Select Resolve exposure.