External Assets - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Administrator Guide

Product
Cortex XSIAM
Creation date
2024-07-16
Last date published
2024-10-14
Category
Administrator Guide
Abstract

The assets discovered in a Cortex XSIAM ASM scan include domains, certificates, and unassociated responsive IPs.

The external assets that were discovered in a Cortex XSIAM ASM scan and were attributed to your organization are available in the All Assets and Specific Assets pages. External assets include the following asset types:

  • Domains: A domain name attributed to an organization by Cortex XSIAM. Subdomains of attributed Domains are also tracked as Domains. When there are too many (>1k) recent subdomains for one domain, Cortex XSIAM collapses them into the parent domain.

  • Certificates: Certificates (also known as digital or public key certificates) are used when establishing encrypted communication channels to identify and authenticate a trusted party. The most common use of certificates is for SSL/TLS, HTTPS, FTPS, SSH, and VPN connections. The most common use of certificates is for HTTPS-based websites, which allow a web browser to validate that an HTTPS web server is an authentic website. tracks information for each certificate, such as Issuer, Public key, Public Key Algorithm, Subject, Subject Alternative Names, Subject Organization, Subject Country, Subject State, and several “crypto health” checks.

  • Unassociated Responsive IPs: An IP that currently or has previously exposed a service.