Skip to content

Commit 010ba20

Browse files
denreadenrea
authored
Merge pull request #247001 from danielledennis/main
Screenshot updates + IANA ID filter edit
2 parents 6eb4ae6 + 9a51b1d commit 010ba20

21 files changed

+10
-9
lines changed

articles/external-attack-surface-management/data-connections.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ This section presents general information on configuration.
5050
### Access data connections
5151
On the leftmost pane in your Defender EASM resource pane, under **Manage**, select **Data Connections**. This page displays the data connectors for both Log Analytics and Azure Data Explorer. It lists any current connections and provides the option to add, edit, or remove connections.
5252

53-
![Screenshot that shows the Data connections page.](media/data-connections/data-connector-1a.png)
53+
![Screenshot that shows the Data connections page.](media/data-connections/data-connector-1.png)
5454

5555
### Connection prerequisites
5656
To successfully create a data connection, you must first ensure that you've completed the required steps to grant Defender EASM permission to the tool of your choice. This process enables the application to ingest your exported data. It also provides the authentication credentials needed to configure the connection.

articles/external-attack-surface-management/discovering-your-attack-surface.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,6 @@ Custom discoveries are organized into Discovery Groups. They're independent seed
5858

5959
![Screenshot of pre-baked attack surface selection page, then output in seed list](media/Tutorial-6.png)
6060

61-
![Screenshot of pre-baked attack surface selection page,](media/Tutorial-7.png)
6261

6362
Alternatively, users can manually input their seeds. Defender EASM accepts domains, IP blocks, hosts, email contacts, ASNs, and WhoIs organizations as seed values. You can also specify entities to exclude from asset discovery to ensure they aren't added to your inventory if detected. For example, this is useful for organizations that have subsidiaries that will likely be connected to their central infrastructure, but don't belong to your organization.
6463

articles/external-attack-surface-management/domain-asset-filters.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,7 @@ The following filters require that the user manually enters the value with which
3030

3131
| Filter name | Description | Value format example | Applicable operators |
3232
|------------------------------------|----------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
33-
| Domain Status | Any detected domain configurations. | clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited | `Equals` `Not Equals` `Starts with` `Does not start with` `In` `Not In` `Starts with in` `Does not start with in` `Contains` `Does Not Contain` `Contains In` `Does Not Contain In` `Empty` `Not Empty` |
34-
| IANA ID | The allocated unique ID for a domain, IP or AS seen within WhoIs, IANA and ICANN records. | 1005 | |
33+
| Domain Status | Any detected domain configurations. | clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited | `Equals` `Not Equals` `Starts with` `Does not start with` `In` `Not In` `Starts with in` `Does not start with in` `Contains` `Does Not Contain` `Contains In` `Does Not Contain In` `Empty` `Not Empty` | |
3534
| Domain | The domain name of the desired asset(s). | Must align with the standard format of domains in inventory: “domain.tld” | `Equals` `Not Equals` `Starts with` `Does not start with` `Matches` `Does not match` `In` `Not In` `Starts with in` `Does not start with in` `Matches in` `Does not match in` `Contains` `Does Not Contain` `Contains In` `Does Not Contain In` `Empty` `Not Empty` |
3635
| Name Server | Any name servers connected to the domain. | dns.domain.com | |
3736
| Registrar | The name of the registrar within the WhoIs record. | GODADDY.COM, INC. | |
@@ -44,7 +43,8 @@ The following filters require that the user manually enters the value with which
4443
| Whois Registrant Organization | An organization associated with the listed registrant. | Contoso Ltd. | |
4544
| Whois Technical Email | The email address of the listed technical contact. | [email protected] | |
4645
| Whois Technical Name | The name of the listed technical contact. | John Smith | |
47-
| Whois Technical Organization | The organization associated to the listed technical contact. | Contoso Ltd. | |
46+
| Whois Technical Organization | The organization associated to the listed technical contact. | Contoso Ltd. |
47+
| IANA ID | The allocated unique ID for a domain, IP or AS seen within WhoIs, IANA and ICANN records. | 1005 | `Equals` `Not Equals` `In` `Not In` `Empty` `Not Empty` |
4848

4949

5050
## Next steps

articles/external-attack-surface-management/host-asset-filters.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ The following filters require that the user manually enters the value with which
3939
| Port State | Indicates the status of the observed port. | Open, Filtered | `Equals` `In` |
4040
| Port | Any ports detected on the asset. | 443, 80 | `Equals` `Not Equals` `In` `Not In` |
4141
| ASN | Autonomous System Number is a network identification for transporting data on the Internet between Internet routers. An ASN is associated to any public IP blocks tied to it where hosts are located. | 12345 | `Equals` `Not Equals` `In` `Not In` `Empty` `Not Empty` |
42+
| IANA ID | The allocated unique ID for a domain, IP or AS seen within WhoIs, IANA and ICANN records. | 1005 | |
4243
| Affected CVSS Score | Searches for assets with a CVE that matches a specific numerical score or range of scores. | Numerical (1-10), supports decimal values (e.g. 8.6). | `Equals` `Not Equals` `In` `Not In` `Greater Than or Equal To` `Less Than or Equal To` `Between` `Empty` `Not Empty` |
4344
| Affected CVSS v3 Score | Searches for assets with a CVE v3 that matches a specific numerical score or range of scores. | Numerical (1-10), supports decimal values (e.g. 8.6). | |
4445
| Attribute Type | Services running on the asset. These services can include IP addresses trackers. | address, AdblockPlusAcceptableAdsSignature | `Equals` `Not Equals` `Starts with` `Does not start with` `In` `Not in` `Starts with in` `Does not start with in` `Contains` `Does Not Contain` `Contains In` `Does Not Contain In` `Empty` `Not Empty` |
@@ -49,7 +50,6 @@ The following filters require that the user manually enters the value with which
4950
| Country | The country/region of origin detected for this asset. | United States | |
5051
| Country Code | The country code associated with the asset. | USA | |
5152
| Domain Status | Any detected domain configurations. | clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited | |
52-
| IANA ID | The allocated unique ID for a domain, IP or AS seen within WhoIs, IANA and ICANN records. | 1005 | |
5353
| IP Address | Any known IPs associated to the host. | 192.168.92.73 | |
5454
| IP Block | The IP block that is associated with the asset. | 192.168.92.73/16 | |
5555
| Resource MD5 | The hash algorithm used to encode data. | | |

articles/external-attack-surface-management/media/Dashboards-1.png

278 KB
Loading

articles/external-attack-surface-management/media/Overview-1.png

3.8 KB
Loading

articles/external-attack-surface-management/media/Overview-2.png

119 KB
Loading

articles/external-attack-surface-management/media/Overview-3.png

220 KB
Loading

articles/external-attack-surface-management/media/Overview-4.png

240 KB
Loading

articles/external-attack-surface-management/media/Tutorial-2.png

170 KB
Loading

0 commit comments

Comments
 (0)