You can investigate assets exposed to the internet by reviewing issues detected by Cloud Network Analyzer under Cases & Issues, or by using Graph Search.
Investigate internet exposure issues
Investigate assets exposed to the internet by navigating to Cases & Issues.
Review internet exposure issues to learn which assets are exposed to the internet. You can find internet exposure issues under Cases & Issues.
Go to Cases & Issues.
Select the Detection Method filter and then select the Cloud Network Analyzer as the Detecting Engine.
Select a specific issue to investigate. You can review:
Affected asset
Policy that triggered the exposure
Exposure details (public IP, FQDN, protocol, port, and HTTPS response code)
Exposure path
From an issue, you can navigate to a specific affected asset and investigate further by clicking on the Network tab. The Network tab provides in-depth visibility over specific network details and internal network reachability:
Note
The Network tab is currently only available for virtual machines.
Note
The Network tab is only displayed when you have access to the main asset and associated ones, such as security groups, VPCs and subnets. For more information on Scope-Based Access Control (SBAC) for configuring granular scoping, see Manage user scope.
Networking Details: Access details such as where the VM is deployed, connected subnets, and associated network security controls. Review a visual representation of the asset and all the private IPs connected to it.
Networking Security Rules: An interface to investigate the network rules associated with the asset.
Investigate internet-exposed assets using Graph Search
Use Graph Search to investigate assets exposed to the internet.
You can use Graph Search to search for and investigate internet-exposed assets.
Go to → → → .
Define a query that finds selected assets where Internet Exposed = True:
Select one or more specific asset types that are supported by CNA exposure detection, such as a Virtual Machine or a Kubernetes Workload.
Add a condition WHERE Internet Exposed = True.
Click Search.
Click on an object and then click on View Details to view details of the asset.
Investigate further by clicking on the Network tab. The Network tab provides in-depth visibility over specific network details and internal network reachability:
Note
The Network tab is currently only available for virtual machines.
Note
The Network tab is only displayed when you have access to the main asset and associated ones, such as security groups, VPCs and subnets. For more information on Scope-Based Access Control (SBAC) for configuring granular scoping, see Manage user scope.
Networking Details: Access details such as where the VM is deployed, connected subnets, and associated network security controls. Review a visual representation of the asset and all the private IPs connected to it.
Networking Security Rules: An interface to investigate the network rules associated with the asset.