Glossary Glossary

Asset Discovery

Asset discovery is the process of identifying and cataloging all the IT resources of an organization. In the context of external attack surface management (EASM), asset discovery focuses on Internet-facing properties like domain names, IP addresses, and email addresses.

The discovery phase plays a crucial role in the EASM process as it helps ensure all assets are accounted for and, therefore, can be protected. Asset discovery serves as a foundation for planning and executing a robust and effective security strategy.

Table of Contents

Asset Discovery: A Deep Dive

Why Is Asset Discovery Important?

Below are a few benefits of asset discovery.

  • Better visibility: Asset discovery provides visibility on an organization’s IT resources and connected infrastructure that require protection. Security teams cannot implement proper security controls without a good picture of all assets.
  • Vulnerability association: You can scan all discovered assets for vulnerabilities, which allows you to understand your attack surface better and take steps to reduce it.
  • Shadow IT discovery: Asset discovery can uncover both known and unknown assets. Unknown assets comprise rogue online accounts, cloud instances, applications, and other Internet-facing assets that often have unauthorized privileges and were not sanctioned by the IT team.

What Are Examples of Discoverable Assets?

Asset discovery is performed to uncover all types of assets, some of which are listed below.

Asset Discovery
  • Domain names and subdomains: The public-facing domains and subdomains of an organization used to host its main website, landing pages, portals, and other publicly accessible Web-based services.
  • IP addresses: Public IP addresses linked to external-facing systems and services, such as resolving domains and subdomains.
  • Open ports and services: Internet-exposed network ports and services, such as web and email servers.
  • Application programming interfaces (APIs) and integrations: APIs and integrations with publicly accessible external services.
  • Public cloud instances: Virtual machines (VMs), containers, and other resources hosted on public cloud platforms like AWS and Azure.
  • Cloud services and applications: Software-as-a-service (SaaS) applications and other public cloud-based services used by different teams.
  • Shadow IT: External-facing resources that were forgotten or added without the security team’s knowledge or authorization.

How Is Asset Discovery Done?

Security and IT teams can do asset discovery manually, notably by recording known assets in a spreadsheet. However, this approach is static, prone to errors, and easily leads to visibility gaps, as assets will likely be misrecorded, outdated, or forgotten.

On the other hand, automated asset discovery executed with the help of appropriate tools and platforms provides better visibility and accuracy for organizations, especially those operating in more complex environments.

Asset discovery can help organizations identify known and unknown assets. It is a foundation for critical security processes like EASM, which relies on asset visibility to perform vulnerability scanning and risk remediation.

Key Takeaways

  • Asset discovery gives security teams a comprehensive picture of their organization’s IT resources and connected infrastructure.
  • Discoverable assets include domain names, IP addresses, open ports, public cloud instances, APIs, and SaaS services.
  • The discovery process helps organizations comply with IT security-related regulations and frameworks.
  • Asset discovery can be done manually or automatically, the latter offering more comprehensive and updated results.

Learn how Attaxion can identify and catalog all your Internet-facing assets. Schedule a free demo tailored to your organization now.

Interested to Learn More?