Table of Contents

Asset Monitoring

Rama Sadhu Updated by Rama Sadhu

Asset Discovery is our latest offering that compliments our DAST Scanner, Indusface WAS and cloud WAAP, AppTrana. 

Addition of Asset Discovery will now enable you to: 

  1. Generate an inventory of your external assets 
  2. Scan your assets for vulnerabilities and secure them 
  3. Improve organizational governance 
  4. Stay prepared for audit & compliance

The following video explains how asset monitoring feature works.

Asset monitoring tab is enabled only for the Primary users.

  • Go to the Asset Monitoring page. 
  • Account name and email address is displayed primarily. Click on the edit button to modify the account name. 
  • Click on the checkbox of All or Domain, and click Start Discovery button. 

 

  • Once the user initiates the discovery, a table is displayed with the basic details of the web apps(subdomains) and mobile apps associated with TLD. 
  • There are three different tables given for Web App, Mobile App, and False Positive.

Asset Summary 

 The total number of top-level domains (main domains), subdomains, and IPs are displayed in asset summary section. 

 Web App
  1. The list of web apps discovered during the asset discovery scan is displayed in this table. 
  2. This table consists of details such as subdomain name, IP, Data Centre, Site Type, Domain, and Action

 

  1. In Action filed, user has 3 options to add the subdomain to enhance the protection, edit the subdomain, and mark as false positive. 

Add Subdomain to scan

  1. Click on the Add website button. 
  1. Choose the plan.
  1. Select the plan option, enter the valid credit card details, and click on the Proceed button.
  1. By default, URL is entered and click on the Proceed button.
  1. The primary email address will be verified directly, and the application is added successfully. Now, user can see the details and initiate the scan from the table.

 

Edit Subdomain 
  •  User can edit the subdomain by clicking on the Edit button.
  •  A pop-up opens to edit. Click on the Save changes button to apply the changes. 
  •  Once the subdomain name is edited, a pop-up comes with success message. 
False Positive Subdomain 
  • If any subdomain is found to be malicious during the scan but in fact it is legitimate, then we call it a false positive subdomain. 
  • If the subdomain is false positive, click on the False Positive button.
  •  A confirmation pop-up opens, click yes to continue. 
  •  A success pop-up opens. 

False Positive 

 All the false positive sub domains are displayed in this table. If any subdomain is not false positive and is legitimate you can mark as not false positive. 

In the table below, from Action filed click on the Not a False Positive button to bring the domain in web app list. 

 A confirmation pop-up opens and click on the Not a False Positive button.

 A success pop-up appears, and the asset will be automatically moved to Web app list. 

 If there is no false positive and in the TLD, then False Positive section will be hided automatically. 
 Mobile App 
  • The list of mobile apps identified during the asset discovery are displayed in this table. The table consists of details like Store name, application name, and action. 
  • From the action field, user can delete the application. 
  • Click on the Delete button. 
  • A confirmation pop-up appears, carefully read the quote, and give confirmation. If user click on the Delete Mobile App button it deletes permanently. 
  • A success pop-up appears. 
 If there is no mobile application/asset present, the mobile app table will be hided. 
Export Data 
  • In each table Export button is given. 
  • User can click on the Export button to download the asset data in CSV format. 

 

How did we do?

Application Audit[AA]

Dashboard

Contact

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.