Tour the Attack Surface Dashboard in Attack Surface Management
The dashboard in Attack Surface Management includes multiple views of your attack surface and alerts you about security issues that can compromise your organization.
The default view of the dashboard is unfiltered, listing all of the assets Censys Attack Surface Management gathered information about.
In the unfiltered view, the bar chart shows a view of assets by environment. This view lets you understand at a glance whether the bulk of your Internet presence is located in the cloud, on shared infrastructure, or elsewhere.
The first section sums your organization’s total asset counts by type. Each card shows a total count of assets. The smaller number indicates how many new assets were added to your attack surface in the time frame selected in the upper right of the dashboard.
-
IPs: A computer or service connected to the Internet that’s located at and identified by an IP address.
-
Domains: Names serving as a domain in the Domain Name System (DNS) with a format commonly known as an eTLD+1 (for example, censys.io).
-
Subdomains: Subdomains are names that resolve to hosts that are part of your attack surface.
-
Storage Buckets: Containers provided by a cloud object storage service that are related by name or keyword to your organization.
-
Certificates: X.509 certificates related to your organization, found by querying public Certificate Transparency logs and when scanning the Internet.
-
Software: Software packages and versions detected during hosts scans.
The next section shows a list of top risks affecting your organization and a map of host locations.
This area shows a preview of the most serious risks affecting your organization’s assets, filtered by severity and number of affected assets. The list changes based on the environment selected at the top of the Dashboard.
The next section shows hosts by their discovery source and metric trends regarding asset and risk counts.
In this section, Censys Attack Surface Management uses discovery source to classify hosts in your attack surface as known or unknown. Knowing whether a host was found from a provided asset such as a CIDR block or from a cloud connector allows you to engage with risks and administrative tasks from an ownership perspective.
Use the 3 main filters on the dashboard to view the environments where your attack surface is located.
Attack surface management in the cloud is a high priority because of the proliferation of accounts, the accessibility of free-tier services, and how easy it is to misconfigure settings. This filter shows applicable Dashboard panels populated with Cloud data.
Censys Attack Surface Management includes the following cloud service providers (CSPs) in its definition of cloud:
-
Amazon AWS
-
Google Cloud
-
Microsoft Azure
-
Alibaba Cloud
-
Soft Layer Technologies Inc.
-
Tencent Cloud
-
Digital Ocean Inc.
-
Hetzner Online
-
Verizon Communications Inc.
-
Oracle Cloud
-
Huawei Cloud Service
-
US Signal
-
Switch Communications Group LLC
-
Internap Corporation
-
Tier Point LLC
-
American Internet Services
-
Arvixe
-
Cologix Inc.
-
Confluence Networks Inc.
If a host, domain, subdomain, or storage bucket is found within these CSPs, they are considered Cloud assets.
Read articles about the information included about your organization’s hosts, domains, certificates, and risks to learn how to leverage the rich data of the Attack Surface Management platform and enhance your Internet security.
Comments
0 comments
Article is closed for comments.