Skip to content

Commit 71d99d9

Browse files
Merge pull request #223760 from memildin/patch-64
Fixed syntax for screenshots
2 parents 0082091 + 6096132 commit 71d99d9

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

articles/external-attack-surface-management/using-and-managing-discovery.md

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ Microsoft has preemptively configured the attack surfaces of many organizations,
2222

2323
When first accessing your Defender EASM instance, select “Getting Started” in the “General” section to search for your organization in the list of automated attack surfaces. Then select your organization from the list and click “Build my Attack Surface”.
2424

25-
![Screenshot of pre-configured attack surface selection screen](media/Discovery_1.png)
25+
:::image type="content" source="media/Discovery_1.png" alt-text="Screenshot of pre-configured attack surface selection screen.":::
2626

2727
At this point, the discovery will be running in the background. If you selected a pre-configured Attack Surface from the list of available organizations, you will be redirected to the Dashboard Overview screen where you can view insights into your organization’s infrastructure in Preview Mode. Review these dashboard insights to become familiar with your Attack Surface as you wait for additional assets to be discovered and populated in your inventory. See the [Understanding dashboards](understanding-dashboards.md) article for more information on how to derive insights from these dashboards.
2828

@@ -40,43 +40,43 @@ Custom discoveries are organized into Discovery Groups. They are independent see
4040

4141
1. Select the **Discovery** panel under the **Manage** section in the left-hand navigation column.
4242

43-
![Screenshot of EASM instance from overview page with manage section highlighted](media/Discovery_2.png)
43+
:::image type="content" source="media/Discovery_2.png" alt-text="Screenshot of EASM instance from overview page with manage section highlighted.":::
4444

4545
2. This Discovery page shows your list of Discovery Groups by default. This list will be empty when you first access the platform. To run your first discovery, click **Add Discovery Group**.
4646

47-
![Screenshot of Discovery screen with “add disco group” highlighted](media/Discovery_3.png)
47+
:::image type="content" source="media/Discovery_3.png" alt-text="Screenshot of Discovery screen with “add disco group” highlighted.":::
4848

4949
3. First, name your new discovery group and add a description. The **Recurring Frequency** field allows you to schedule discovery runs for this group, scanning for new assets related to the designated seeds on a continuous basis. The default recurrence selection is **Weekly**; Microsoft recommends this cadence to ensure that your organization’s assets are routinely monitored and updated. For a single, one-time discovery run, select **Never**. However, we recommend that users keep the **Weekly** default cadence and instead turn off historical monitoring within their Discovery Group settings if they later decide to discontinue recurrent discovery runs.
5050

5151
Select **Next: Seeds >**
5252

53-
![Screenshot of first page of disco group setup](media/Discovery_4.png)
53+
:::image type="content" source="media/Discovery_4.png" alt-text="Screenshot of first page of disco group setup.":::
5454

5555
4. Next, select the seeds that you’d like to use for this Discovery Group. Seeds are known assets that belong to your organization; the Defender EASM platform scans these entities, mapping their connections to other online infrastructure to create your Attack Surface.
5656

57-
![Screenshot of seed selection page of disco group setup](media/Discovery_5.png)
57+
:::image type="content" source="media/Discovery_5.png" alt-text="Screenshot of seed selection page of disco group setup.":::
5858

5959
The **Quick Start** option lets you search for your organization in a list of pre-populated Attack Surfaces. You can quickly create a Discovery Group based on the known assets belonging to your organization.
6060

61-
![Screenshot of pre-baked attack surface selection page, then output in seed list](media/Discovery_6.png)
61+
:::image type="content" source="media/Discovery_6.png" alt-text="Screenshot of pre-baked attack surface selection page, then output in seed list.":::
6262

63-
![Screenshot of pre-baked attack surface selection page.](media/Discovery_7.png)
63+
:::image type="content" source="media/Discovery_7.png" alt-text="Screenshot of pre-baked attack surface selection page..":::
6464

6565
Alternatively, users can manually input their seeds. Defender EASM accepts organization names, domains, IP blocks, hosts, email contacts, ASNs, and WhoIs organizations as seed values. You can also specify entities to exclude from asset discovery to ensure they are not added to your inventory if detected. For example, this is useful for organizations that have subsidiaries that will likely be connected to their central infrastructure, but do not belong to your organization.
6666

6767
Once your seeds have been selected, select **Review + Create**.
6868

6969
5. Review your group information and seed list, then select **Create & Run**.
7070

71-
![Screenshot of review + create screen](media/Discovery_8.png)
71+
:::image type="content" source="media/Discovery_8.png" alt-text="Screenshot of review + create screen.":::
7272

7373
You will then be taken back to the main Discovery page that displays your Discovery Groups. Once your discovery run is complete, you will see new assets added to your Confirmed Inventory.
7474

7575
### Viewing and editing discovery groups
7676

7777
Users can manage their discovery groups from the main “Discovery” page. The default view displays a list of all your discovery groups and some key data about each one. From the list view, you can see the number of seeds, recurrence schedule, last run date and created date for each group.
7878

79-
![Screenshot of discovery groups screen](media/Discovery_9.png)
79+
:::image type="content" source="media/Discovery_9.png" alt-text="Screenshot of discovery groups screen.":::
8080

8181
Click on any discovery group to view more information, edit the group, or immediately kickstart a new discovery process.
8282

@@ -86,7 +86,7 @@ The discovery group details page contains the run history for the group. Once ex
8686

8787
Run history is organized by the seed assets scanned during the discovery run. To see a list of the applicable seeds, click “Details”. This opens a right-hand pane that lists all the seeds and exclusions by kind and name.
8888

89-
![Screenshot of run history for disco group screen](media/Discovery_10.png)
89+
:::image type="content" source="media/Discovery_10.png" alt-text="Screenshot of run history for disco group screen.":::
9090

9191
### Viewing seeds and exclusions
9292

@@ -96,7 +96,7 @@ The Discovery page defaults to a list view of Discovery Groups, but users can al
9696

9797
The seed list view displays seed values with three columns: type, source name, and discovery group. The “type" field displays the category of the seed asset; the most common seeds are domains, hosts and IP blocks, but you can also use email contacts, ASNs, certificate common names or WhoIs organizations. The source name is simply the value that was inputted in the appropriate type box when creating the discovery group. The final column shows a list of discovery groups that use the seed; each value is clickable, taking you to the details page for that discovery group.
9898

99-
![Screenshot of seeds view of discovery page](media/Discovery_11.png)
99+
:::image type="content" source="media/Discovery_11.png" alt-text="Screenshot of seeds view of discovery page.":::
100100

101101
### Exclusions
102102

0 commit comments

Comments
 (0)