Complete the steps in this section to set up Exposure Management and begin to customize it to meet your organization's unique requirements. All of these steps are optional, but recommended.
Step | Description | More information |
|---|---|---|
Step 1: Configure the Cortex Network Scanner and other Palo Alto Networks sensors | These sensors scan your environment and ingest vulnerabilities so you can review, prioritize, and take action on them from one central location. |
|
Step 2: Configure third-party integrations | Exposure Management can ingest vulnerabilities from Tenable.io, Tenable.sc, Rapid7 InsightVM, and Qualys VMDR scanners. | Ingest assets and vulnerabilities from third-party applications |
Step 3: Ingest assets and vulnerabilities using the API | The Vulnerability Ingest API imports vulnerabilities and assets from your third-party tools directly into your asset inventory and vulnerability management workflows. | Ingest assets and vulnerabilities from third-party applications |
Step 4 Enable Attack Surface Testing (AST) | AST validates that vulnerabilities are exposed to the internet and provides additional context for compensating controls. | |
Step 5: Review vulnerability policies | Review the out-of-the-box vulnerability policies and create custom policies to define which vulnerabilities trigger creation of an issue or other actions. | |
Step 6: Review attack surface rules | Attack surface rules determine which attack surface management (ASM) findings create issues. Review the default enabled attack surface rules and enable or modify rules as needed. | |
Step 7: Set up asset groups | Asset groups can be used to:
| |
Step 8: Enable issue enrichment and remediation automation | Install the Exposure Management Content pack to enable remediation owner information to be added to some issues automatically and automated remediation of some ASM issues. | Deploy ASM and Exposure Management enrichment and remediation automation functionality |