Views:

Discover your organizational assets that might be exposed to attack, including devices, internet-facing assets, accounts, applications, and cloud assets.

Attack Surface Discovery allows you to locate corporate assets that threat actors might be able to use to attack your organization. Each section of the Attack Surface Discovery app provides insights into an asset type within your organization.
Important
Important
You must allocate credits to Attack Surface Risk Management to fully access Attack Surface Discovery . Customers with XDR sensor entitlements that have not allocated credits to Attack Surface Risk Management have limited access to the asset profile screens related to their XDR sensors. For more information, see Credit requirements for Trend Vision One apps and services.
The following table describes the sections of the Attack Surface Discovery app.
Section
Description
Devices
Displays all the devices visible within your organization
  • Search for devices by name.
  • Click Filter to add a filter.
  • Click Export to generate a report for the devices currently displayed on the device list.
  • Click Exception List to see and remove devices on the exception list.
  • Click any device name to view details on the device profile screen.
  • Select devices and click Add to Exception List to add the devices to the exception list.
  • To manually modify the criticality of a highly critical asset, hover over the highly critical icon (highly-critical-icon.png) and click Modify Criticality.
Important
Important
For customers that signed up for or expressly updated Trend Vision One after July 3, 2023, the Devices section only shows data for devices within the asset visibility scope of the current user.
Note
Note
Attack Surface Discovery cannot assess all discovered devices. Devices visible through third-party data sources might not provide enough data for thorough analysis.
Displays all IP and domain assets that are visible from external internet locations and view detailed IP profile risk assessments
  • Search for internet-facing assets by name.
  • Click Filter to add a filter.
  • Add your organization's domains by clicking + Add to allow Trend Micro to perform external asset searches for exposed host names.
  • Click Export to generate a report for the internet-facing assets currently displayed on the list.
  • Click any root domain or public IP to view details on the internet-facing asset profile screen.
  • To manually modify the criticality of a highly critical asset, hover over the highly critical icon (highly-critical-icon.png) and click Modify Criticality.
Important
Important
Processing new corporate domain information might take up to 7 days to complete. You can only assess domains owned by your organization.
Accounts
Displays all visible domain and service accounts, identifies highly-authorized accounts, and allows you to view detailed risk profiles
  • Search for accounts by name.
  • Click Filter to add a filter.
  • Click Export to generate a report for the accounts currently displayed on the list.
  • Click any user name to view details on the account profile screen.
  • To manually modify the criticality of a highly critical asset, hover over the highly critical icon (highly-critical-icon.png) and click Modify Criticality.
  • To create a Security Awareness training campaign for a specific user, click the associated actions icon (options.png) and then click Create Training Campaign.
    Important
    Important
    This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Displays all apps accessed by your organization's users and devices
  • Search for apps by name.
  • Click Filter to add a filter.
  • Click Export to generate a report for the apps currently displayed on the list.
  • Click any app name to view additional details on the app profile screen.
  • Change the sanctioned status of cloud apps.
  • Assign secure access rules to control users' access to cloud apps.
Displays detected cloud workloads within your organization, enabling you to rapidly identify compliance and security best practice violations on your public cloud infrastructure and across your cloud service platforms
  • Search for cloud assets by name.
  • Click Filter to add a filter.
  • Depending on your region, you can click Graph View for a graphical representation of your organization's cloud assets.
  • Click Export to generate a report for the cloud assets currently displayed on the list.
  • Click any category to display only assets of the selected category in the cloud asset list.
  • Click any cloud asset name to view additional details on the cloud asset profile screen.
API Security
Displays REST and HTTP-based API collections detected in your AWS API gateways and assesses the vulnerability of individual API endpoints
  • Search for API collections by name.
  • Click Filter to add a filter.
  • Click Export to generate a report for the cloud assets currently displayed on the list.
  • Click any API collection name to view additional details on the API collection profile screen.
  • Expand any API collection for an overview of the individual API endpoints contained in the collection.