EASM Inventory
The EASM Inventory page provides a highly customizable grid that displays a list of all discovered assets, services and potential vulnerabilities that are accessible from the internet.
This page contains the following areas:
The Smart views panel toggle button. This feature allows you to customize, save, and switch between different loadouts of the EASM Inventory page.
The panel has the following sections:
All assets - Displays all assets in the company's network, providing a comprehensive view of all discovered entities.
ASN reports - Shows reports related to Autonomous System Numbers (ASN), which represent collections of IP networks managed by one or more network operators.
Certificate reports - Lists reports on security certificates found within the network, including details on issuer, expiration, and validity.
Discovered IPs - Displays all IP addresses discovered in the company's network, including both IPv4 and IPv6 addresses.
Discovered Emails - Shows all email addresses discovered within the network, useful for identifying potential points of contact or targets for phishing attacks.
Discovered Domains - Lists all domain names discovered in the company's network, aiding in the identification of owned or potentially malicious domains.
DNS Records - Displays all discovered DNS records, providing insights into domain configurations, associated IP addresses, and potential misconfigurations.
Services - Shows all discovered services running on the network, including web servers, mail servers, and other critical services.
For any view in the Saved or Favorites category, you can click
to Rename or Delete the view.The View options menu. This section provides you with multiple functions for working with views:
Save: use this option to save changes you make to a saved view.
Save as: allows you to save a modified view under a different name.
Discard changes: reverts the saved view to its original state.
Add to favorites: adds the view to the Favorites category.
Show or hide filters - hide or display the filters menu.
Open settings - Displays the Settings panel.
You can use this panel to customize what columns are displayed in the view and enable or disable the Compact view.
The Scan configuration button. The button provides you perform, configure, and schedule scans that detect new assets or changes to previously detected ones. For more information, refer to Configure, run, or schedule scans.
The Include in scan button.
The Exclude from Scan button.
The Filters section. You can use these options to customize the incidents that are displayed in the below grid.
The following filters are currently available:
Filtering option
Details
Asset name
Select one or more of the names of the specific assets you want to display.
Only the selected assets are displayed.
Asset type
Select one or more of the following asset types:
ASN reports - An asset detailing Autonomous System Numbers (ASNs), which represent collections of IP networks managed by one or more network operators.
Certificates - Provides information on security certificates found within the network, including details on the issuer, expiration dates, and validity.
Domain - Represents a domain of the company that is publicly exposed to the internet.
Similar domain - A domain that closely resembles another domain name, and may be used to identify potential typosquatting or phishing domains.
DNS record - A record in the Domain Name System (DNS) that maps domain names to various types of data, such as IP addresses, mail servers, or other services.
IP block - A range of IP addresses assigned to a network or an organization, often used for routing and identification purposes.
IPv4 - An IPv4 address exposed to the internet
IPv6 - An IPv6 address exposed to the internet
Email - Email addresses used by the company that are are publicly exposed to the internet.
Service - A service exposed to the internet.
Name server - A server that provides responses to queries against a directory service, mapping domain names to IP addresses.
Only assets of the selected type are displayed.
Asset status
Select one or more of the following asset statuses:
No action taken
Include in next scan
Exclude from scan
Only assets of the selected status are displayed.
Email
Type in a complete or partial email address for the asset you are looking for.
Only assets with matching email addresses are displayed.
Domain
Type in a complete or partial domain for the asset you are looking for.
Only assets with matching domains are displayed.
IP
Type in a complete or partial IP for the asset you are looking for.
Only assets with matching IPs are displayed.
Country
Type in the country for the assets you are looking for.
Only assets associated with the entered country are displayed.
Operator
Type in the operator for the assets you are looking for.
Only assets associated with the entered operator are displayed.
ID
Type in a complete or partial ID number for the asset you are looking for.
Only assets with matching IDs are displayed.
Issuer CA ID
Type in a complete or partial Issuer CA ID for the asset you are looking for.
Only assets with matching IDs are displayed.
Issuer name
Type in a complete or partial name for the asset you are looking for.
Only assets with issuer names are displayed.
Expiration status
Filter by the expiration status of the assets.
Select one or more of the expiration statuses from the list.
Only assets with the selected expiration status are displayed.
Valid from
Filter by the start date of the asset's validity period.
Only assets valid from the specified date are displayed.
Valid until
Filter by the end date of the asset's validity period.
Only assets valid until the specified date are displayed.
Serial number
Type in the serial number of the asset you are looking for.
Only assets with matching serial numbers are displayed.
Record type
Type in a complete or partial record type for the asset you are looking for.
Only assets with the selected record type are displayed.
Mail server
Type in the mail server associated with the asset you are looking for.
Only assets with matching mail servers are displayed.
Name server
Type in the name server associated with the asset you are looking for.
Only assets with matching name servers are displayed.
CNAME
Type in the canonical name (CNAME) associated with the asset you are looking for.
Only assets with matching CNAMEs are displayed.
Port
Type in the port number associated with the asset you are looking for.
Only assets with matching port numbers are displayed.
Protocol
Type in the protocol associated with the asset you are looking for.
Only assets with matching protocols are displayed.
CVEs
Type in the Common Vulnerabilities and Exposures (CVEs) associated with the asset you are looking for.
Only assets with matching CVEs are displayed.
Vulnerable to zone transfer
Indicate if the asset is vulnerable to zone transfer.
Only assets with the specified vulnerability status are displayed.
Related to
Select an incident from the drop-down list.
Only assets related to the selected incident are displayed.
The Inventory Grid. The grid displays all discovered assets that conform to the currently applied filter.
The information available for each incidents is displayed under the following columns:
Company - The name of the company where the asset was discovered.
Select the checkbox next to each incident number to include the incident when performing an Include in scan or Exclude from scan bulk action.
Asset name - The name of the asset.
Asset type - The type of the asset.
Asset status - The current status of the asset.
Email - The email address associated with the asset.
Domain - The domain name associated with the asset.
IP - The IP address associated with the asset.
Country - The country where the ASN asset is located.
Operator - The operator responsible for the asset.
ID - The unique identifier for the asset.
Issuer CA ID - The Certificate Authority ID that issued the asset's certificate.
Issuer name - The name of the issuer of the asset's certificate.
Expiration status - The expiration status of a certificate type asset.
Valid from - The start date of a certificate asset's validity period.
Valid until - The end date of a certificate asset's validity period.
Serial number - The serial number of the asset's certificate.
Record type - The type of DNS record associated with the asset.
Mail server - The mail server associated with the asset.
Name server - The name server associated with the asset.
CNAME - The canonical name (CNAME) associated with the asset.
Vulnerable to zone transfer - Indicates if the asset is vulnerable to DNS zone transfer attacks.
Port - The port number associated with the Service type asset.
Protocol - The protocol used by the Service type asset.
CVEs - The Common Vulnerabilities and Exposures (CVEs) associated with the asset.
Note
More details regarding the information in each column are available type in the Filters section.
Managing assets
In the EASM Inventory page, you can perform the following actions:
View asset details
To display additional information regarding any specific asset, click anywhere on the row belonging to the asset you want to view:
DIfferent information will be displayed, depending on the type of asset displayed.
Click the View related assets button to change the filters on the EASM Inventory page to only display assets related to the one currently being displayed.
Configure, run, or schedule scans
To make sure you have an up to date asset overview, you should schedule frequent scans to look for new assets or changes to previously detected ones.
Note
By scanning assets, you understand that Bitdefender may use public Internet services (from the list that Bitdefender EASM service supports) to look for more publicly available information offered by those services related to these assets in order to understand the security posture of your company.
To do this, follow the steps below:
Click on the Scan configuration button.
The Scan configuration page is displayed.
Under the Scheduler section, configure the frequency of automated scans:
Recurrence - select the frequency of scans.
Currently,
Weeklyis the only available option. This option performs a scan every week, on a set day and time.On the following day - Select the day of the week the scan is to be performed.
Start time - Select the time when the scan is to be performed.
Under the Scan list tab, manage the list of assets you want to be included in the next scan.
Under the Scan exclusions tab, manage the list of assets you don't want to be included in the next scan.
Click Save to save changes or Save and scan to also run a scan now.
Include assets in scans
This feature allows you flag certain assets and add them to the Scan list. When an asset is added to this list, it will always be included in scans.
To add assets to the Scan list follow these steps:
Select the assets you want to add by selecting the corresponding checkboxes next to the Asset name column.
Click the Include in scan button.
A toast message will appear indicating if the request was successful.
Note
Only the following asset types can be added to scan lists:
IPv4
IPv6
IP Block
Email
Domain
ASN reports
Alternatively, you can add assets to the Scan list from the Scan configuration window.
Exclude assets from scans
You can use this feature to flag assets and add them to a list. All assets in this list will not be included in scans and will now be taken into consideration when compiling data for the EASM Dashboard page.
To add assets to the Scan list follow these steps:
Select the assets you want to add by selecting the corresponding checkboxes next to the Asset name column.
Click the Exclude from scan button.
A toast message will appear indicating if the request was successful.
Alternatively, you can exclude assets to the Scan list from the Scan configuration window.