Attack Surface

The Attack Surface page in Storm XASM gives a detailed view of an organization’s external assets, helping users identify and manage potential vulnerabilities. It brings together information on assets, subdomains, IP addresses, and more, allowing security teams to monitor the attack surface and make informed decisions.

Domain and History

• At the top of the page, users can select a Domain from the drop-down menu to view information specific to that domain.

• The History filter allows users to select a date and review past assessments for comparative analysis.

Summary of Assets, Subdomains, and IP Addresses:

• This section provides a quick snapshot of the digital footprint for the selected domain.

• Assets: A total of 33 assets are identified, indicating all the external assets tracked by XASM for this domain.

• Subdomains: Numbber of subdomains detected.

• IP Addresses: The number of associated IP addresses, indicating that each asset in this case corresponds to a unique IP address.

Assets Finding Across Months:

On the right side, there’s a graph labeled Assets Finding Across Months. This section is designed to show trends over time, giving users an overview of asset discovery patterns on a monthly basis.

Search and Filter Options:

Users can enter keywords in the Search field or use the Filter options to refine their view, making it easier to locate specific assets or focus on particular attributes.

Assets Geographical Distribution:

The Assets Geographical Distribution button opens a map that visualizes the global distribution of the organization’s assets.

View Options:

There are two icons provide alternate viewing formats. These options allow users to switch between different layouts.

Card View

It provides a summarized, card-based layout of each external asset being monitored. In this view, each asset is presented in an individual card, showing key details such as:

• IP Address: Each card prominently displays the IP address of the asset, such as 18.102.16.191.

• Type: The asset type is specified.

• Status: A green indicator with “No Issues” signifies that no vulnerabilities have been detected for this asset.

• Additional Fields: Technology and URL fields.

Detailed View

• Each row represents an individual asset, displaying details such as Type, IP Address, Technology, URL, Country, and Vulnerability status.

• The View button at the end of each row allows users to click for more in-depth information on a specific asset, directing them to a detailed asset information page.

This View button directs users to the Asset Details page, displaying each asset in a structured table format with key attributes for quick reference.

Asset Details

This is the Asset Details page in Storm XASM, providing an in-depth view of an individual asset’s security profile and characteristics.

Top Summary Panel:

• Asset Type: Displays the type of asset, in this case, IPv4.

• Security Grade: Shows the asset’s security rating, graded as A, indicating a strong security posture.

• Severity: The severity level for this asset is listed as No Issues, meaning there are no detected vulnerabilities of concern.

• Number of Vulnerabilities: Shows the total number of vulnerabilities detected.

Asset Details Section:

• IP Address: The specific IP address of the asset, 185.230.61.211.

• ASN Number: Autonomous System Number (ASN) associated with this asset.

• CDN: Indicates whether the asset is connected to a Content Delivery Network (CDN).

• Open Ports: It means that there are no open ports currently detected or listed.

• Location: Implys the geographical details for the asset.

Add Comment:

At the bottom, there’s an Add Comment field where users can leave notes or communicate about the asset with coworkers.