Through a network mapping process, Cortex XDR discovers and attributes assets to organizations.
Attack Surface Management (ASM) in Cortex XDR discovers and intelligently attributes assets to organizations, helping you discover and protect previously unknown internet-connected systems. Through this network mapping process, you will understand your organization's true public-facing network perimeter.
Asset discovery and attribution
Cortex XDR uses a variety of methods to discover and attribute internet-facing assets to your organization. These methods include:
Domain Registration—Domain registry information mentions information about your organization. Cortex XDR pulls Whois registration information and updates it in your Cortex XDR instance approximately biweekly.
Certificate—An IP range advertised one of your certificates.
DNS—A DNS record points to an IP in your IP range. Cortex XDR gets its domains and DNS data from a combination of active and passive global collection techniques.
Self-Provided—The asset was on an IP address list provided by your organization or was attributed by Cortex XDR for a reason other than those listed above.
Human-in-the-loop
An expert analyst oversees a human-in-the-loop system which leverages our proprietary AI models to produce network maps of the highest confidence and completeness.
Your Internet-facing assets are always under attack from targeted and opportunistic attackers. Without a continuously updated, accurate inventory of those assets, you leave unknown or unmonitored assets exposed to threats. Cortex XDR discovers and helps remediate any exposures on those assets.
A primary advantage of Cortex XDR is combining leading-edge automated network mapping analysis with expert insights and validation. Cortex XSIAM experts understand the intricacies and idiosyncrasies of asset scanning and attribution. The end-result for Cortex XDR customers is fewer false positives and development of naming schemas and patterns that lead to broader asset discovery than what you see with fully automated scanning engines alone.