Ivanti Neurons for External Attack Surface Management

Ivanti Neurons for External Attack Surface Management (EASM) is available when you have the appropriate license from Ivanti. Licensed tenants will see External Attack Surface in the main menu.

An organization’s external attack surface is the sum of known and unknown assets that are visible to the internet. These assets can be places where unauthorized users attempt to enter or extract data from your environment.

Potentially vulnerable assets can include:

  • Managed assets: Endpoints, servers, networks, mobile devices, and IoT devices.
  • Unknown assets: Shadow IT, cloud stores, test data, code repositories, and unused credentials.
  • Third-party assets: Contractors, hosted data, JavaScripts, cloud services, and APIs.

Ivanti Neurons for External Attack Surface Management will help you:

  • Discover all digital assets, both known and potentially unknown.
  • Classify and fingerprint assets to prioritize exposures based on severity and asset criticality.
  • Prioritize exposures that need immediate attention, backed by threat intelligence.
  • Provide your team with actionable insights.

EASM data does not come from agents. There is no agent installation required. The data is publicly accessible, gathered passively by Ivanti’s internet exposure scanner, and is what a potential attacker might be able to obtain.

Attack Surface pages in Ivanti Neurons will not show data initially. You first need to provide seed links to your organization's presence on the internet. This is done from the External Attack Surface > Assets page. Ivanti’s internet exposure scanner will then scan those seeds and report on assets and exposures that it finds.

Concepts and terminology

You will see these terms and acronyms in the EASM user interface.

  • Vulnerability Risk Score (VRS) is specific to Ivanti Neurons and factors in weaponization associations and whether the Ivanti penetration testing team has demonstrated exploitation of the flaw or weakness during one of the hundreds of real-world assessments they have completed. VRS offers a 0-10 scale where higher is more severe, just like CVSS.
  • Common Vulnerability Scoring System (CVSS) is an open industry standard 0-10 severity scale maintained by the nonprofit FIRST - Improving Security Together (Forum of Incident Response and Security Teams) and are associated with many CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumeration) entries maintained by MITRE. Ivanti Neurons can display CVSS v2 and v3 scoring.
  • Severity represents the highest CVSS score for any CVE or CWE associated with a scanner finding. In the case of a finding being correlated to CVE values of 9.0, 7.1, 7.8, and 10.0, the Severity score would be calculated as a 10.