Internet-Facing Domains

Attack Surface Discovery scans your external attack surface to discover public domains (including subdomains).

The following table explains usage of domain-related terms in Internet-Facing Assets.




  • Refers to the root domain

  • Serves as a group name for a set of hosts


Additional part to the root domain that is used to separate content for specific organizational and navigational purposes


  • Refers to an "internet device"

  • Assigned an identifier ("host name") that can be translated by the domain name system to one or more IP addresses

Domain-related risks are identified based on the following factors:


Example of risk

Domain information

Domain name expired

SSL/TLS information

Weak or deprecated SSL/TLS version

HTTP response

Header values leaking information about software running on the device

The following table outlines the actions you can perform on the Domains tab:



View an overview of internet-facing root domains and hosts.

The widget provides the following information:

  • Number of discovered root domains and hosts per month

  • Discovery trend for the last 12 months

View the list of internet-facing root domains and hosts related to each root domain.

The list includes the following information:

  • Root domains: Automatically discovered and manually added root domains

  • Host: Risk score, number of related public IPs, and other key information

You can filter list entries based on criteria such as criticality and host provider.


Assets marked with the star icon are highly critical to your organization's operations. For more information, see Asset Criticality.

Add root domains and hosts to the list.

  1. Click Add.

  2. Perform one of the following actions:

    • Select from the list of recommended root domains.

    • Specify root domains and hosts that belong to your organization.

    You can add a maximum of 20 domains at a time. To add more than 20 domains, contact your support provider.

    Attack Surface Discovery verifies the domains and discovers associated internet-facing domains.

  3. View the status of manually added domains by clicking Review Status.

View the asset details screen for each root domain and host.

The asset details screen includes the following tabs:

  • Risk Assessment: Displays the risk score and list of risk indicators, including descriptions of risk events and recommended remediation actions

  • Related IPs: Lists the related public IPs with information such as location, host provider, and highly-exploitable CVEs

  • Certificates: Displays SSL/TLS information about the domain certificate

  • Asset Profile: Displays criticality-related information, including the criticality level and list of profile tags

Export information about root domains and hosts discovered in the last 7 days.

  1. Click Manage Reports.

  2. Select Internet-Facing Assets.

    The Report Management › Internet-Facing Assets Template screen appears.

  3. Configure the report settings.


    To view the list of data fields for each asset type, click View CSV Fields.

  4. Click Create.

Each CSV file contains a maximum of 100,000 records.