Internet-Facing Assets

Attack Surface Discovery identifies public domains and public IP addresses within your organization, and reports potential risks such as misconfigurations, highly-exploitable vulnerabilities, and insecure connection issues.

Internet-facing programs and services constitute a large portion of your organization's attack surface and can be your most vulnerable assets. These assets, which are accessible from the internet either accidentally or deliberately, are among the first targets that threat actors will attempt to compromise.

Attack Surface Discovery scans your external attack surface to discover public domains (including subdomains) and public IP addresses. During discovery, key information such as geolocation and certificate status are also collected. Internet-facing assets are discovered from several sources, including the following:


Information collected

Identity and access management (IAM) systems

Root domain information


Domain records, including all subdomains

ICANN Lookup

Domain registrant information and related domains


Subdomain certificate information and related domains

To help you prioritize during remediation, Attack Surface Discovery performs a risk assessment and identifies security issues based on information about ports, services, certificates, and vulnerabilities. A multi-faceted scoring system is used to determine asset criticality and risk level. An asset's risk score considers the following factors:

Asset type

Risk score contributor

Public domain

  • Certificates

  • Ports

  • Vulnerabilities

  • Aggregated risk for hosts related to the root domain

  • Aggregated risk for IP addresses related to the root domain and hosts

Public IP address

  • Ports

  • Vulnerabilities