You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/external-attack-surface-management/understanding-asset-details.md
+12-11Lines changed: 12 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,19 +32,20 @@ This section is comprised of high-level information that is key to understanding
32
32
|--|--|--|
33
33
| Asset Name | The name of an asset. | All |
34
34
| UUID | This 128-bit label represents the universally unique identifier (UUID) for the | All |
35
+
| Added to inventory | The date than an asset was added to inventory, whether automatically to the “Approved Inventory” state or in another state (e.g. “Candidate”). | All |
35
36
| Status | The status of the asset within the RiskIQ system. Options include Approved Inventory, Candidate, Dependencies, or Requires Investigation. | All |
36
-
| First seen | This column displays the date that the asset was first observed by crawling| All |
37
-
| Last seen | This column displays the date that the asset was last observed by crawling infrastructure. | All |
38
-
| Discovered on |The date that the asset was found in a discovery run scanning for assets related to an organization’s known infrastructure.| All |
39
-
| Last updated |This column displays the date that the asset was last updated in the system after new data was found in a scan.| All |
37
+
| First seen (Global Security Graph) | The date that Microsoft first scanned the asset and added it to our comprehensive Global Security Graph. | All |
38
+
| Last seen (Global Security Graph) | The date that Microsoft most recently scanned the asset. | All |
39
+
| Discovered on |Indicates the creation date of the Discovery Group that detected the asset. | All |
40
+
| Last updated |The date that the asset was last updated, whether by new data discovered in a scan or manual user actions (e.g. a state change). | All |
40
41
| Country | The country of origin detected for this asset. | All |
41
42
| State/Province | The state or province of origin detected for this asset. | All |
42
43
| City | The city of origin detected for this asset. | All |
43
-
| WhoIs name || Host |
44
-
| WhoIs email | The primary contact email in a WhoIs record. | Host |
45
-
| WhoIS organization | The listed organization in a WhoIs record. | Host |
46
-
| WhoIs registrar | The listed registrar in a WhoIs record. | Host |
47
-
| WhoIs name servers | The listed name servers in a WhoIs record. | Host |
44
+
| WhoIs name |The name associated with a Whois record. | Host |
45
+
| WhoIs email | The primary contact email in a Whois record. | Host |
46
+
| WhoIS organization | The listed organization in a Whois record. | Host |
47
+
| WhoIs registrar | The listed registrar in a Whois record. | Host |
48
+
| WhoIs name servers | The listed name servers in a Whois record. | Host |
48
49
| Certificate issued | The date when a certificate was issued. | SSL certificate |
49
50
| Certificate expires | The date when a certificate will expire. | SSL certificate |
50
51
| Serial number | The serial number associated with an SSL certificate. | SSL certificate |
@@ -123,7 +124,7 @@ In the example below, we see that the seed domain is tied to this asset through
123
124
124
125
### Discovery information
125
126
126
-
This section provides information about the process used to detect the asset. It includes information about the discovery seed that connects to the asset, as well as the approval process. Options include “Approved Inventory” which indicates the relationship between the seed and discovered asset was strong enough to warrant an automatic approval by the Defender EASM system. Otherwise, the process will be listed as “Candidate”, indicating that the asset required manual approval to be incorporated into your inventory. This section also provides the date that the asset was added to your inventory, as well as the date that it was last scanned in a discovery run.
127
+
This section provides information about the process used to detect the asset. It includes information about the discovery seed that connects to the asset, as well as the approval process. Options include “Approved Inventory” which indicates the relationship between the seed and discovered asset was strong enough to warrant an automatic approval by the Defender EASM system. Otherwise, the process will be listed as “Candidate”, indicating that the asset required manual approval to be incorporated into your inventory. This section also provides the "Last discovery run" date that indicates when the Discovery Group that initially detected the asset was last utilized for a discovery scan.
127
128
128
129
### IP reputation
129
130
@@ -239,4 +240,4 @@ It’s important to note that many organizations opt to obfuscate their registry
0 commit comments