Entities

An Entity is an external asset belonging to an organization such as a domain name, email address, or URL. Every Entity that is found serves as a pivot point for additional data gathering.

For a list of available Entities in ASM, see Entity types.

Recent Entities List

The Entities page of ASM shows you a list of the most recent Entities that were inspected in the selected Collections. Each Entity listing contains:

Its status, type, and country
The name of the Entity
The Collection containing the Entity
The number and severity of associated Issues
Any tags associated with it
The first and last times it was seen
Associated technologies

If there isn't a vendor-specific logo associated with a technology, a generic icon is displayed.

Attack Surface Management Entities page

Active and Inactive Filter

On the Entities page, you will see filter options based on the following definitions:

A screenshot of the Active Entities filter

Active Entities: Entities that have been seen in the most recent scan.
Inactive Entities: Entities that were seen in a previous scan and were not seen in the most recent scan.

Entity Overview

From the Entities page, open an Entity to explore it in depth. If applicable to the Entity type, you can set the Entity Out Of Scope. You can review or add notes. Associated Issues are listed. Additional context surrounding the Entity may include:

Details: Information about the Entity.
Scan History: Changes that have occurred to the Entity over time.
Raw (JSON): The raw JSON structure of the query itself.
Discovery Context: A visual representation of the discovery path and context identified during the discovery and attribution process of the Entity.
Checks: Checks that have been run on the Entity. Links to the Library definitions are provided.
Technologies: Technologies associated with the Entity. Links to the Library definitions are provided.
Inferred CVE: Inferred vulnerabilities (CVEs) that were found in the Entity.
Potential Typosquats: Domains that have been identified as potential typosquats but may be legitimate websites.

Entity Overview page for a specific Entity. Details tab is showing.

Entity Types

The following table provides a list of Entities available in ASM, categorized by type:

Entity Type	Entity Name	Entity Description
Applications	API Endpoint (`ApiEndpoint`)	A HTTP based API endpoint
	Application Endpoint (`AppEndpoint`)	A HTTP / HTTPS application endpoint
	Certificate (`SslCertificate`)	A Digital Certificate
	GcpApiGateway	Google Cloud Platform API Gateway
	GcpAppEngineApplication	Google Cloud App Engine Application
	GcpCloudFunction	Google Cloud Platform Cloud Function that is public facing and triggered via HTTP
	Network Service (`NetworkService`)	A TCP or UDP Network Service
	URL (`Uri`)	A HTTP / HTTPS application endpoint
Code	Github Account (`GithubAccount`)	A FQDN of a Github Account
Code	Github Repository (`GithubRepository`)	A FQDN of a Github Repository
Domains & Networking	Autonomous System (`AutonomousSystem`)	Unique Autonomous System ID, advertised globally to publish network routes
	DNS Record (`DnsRecord`)	DNS Subdomain, any type of DNS record that is not an authoritative domain
	Domain	An Authoritative Domain
	Nameserver	An FQDN or an IP Address that points to a Nameserver
	Network (`NetBlock`)	A Block of IPs, in CIDR format
Hosts & Compute	AWS EC2 (`AwsEC2Instance`)	An AWS EC2 Compute Instance
	Azure Virtual Machine (`AzureVirtualMachine`)	An Azure Virtual Machine
	GcpComputeEngineInstance	Google Cloud Compute Engine Instance
	IP Address (`IpAddress`)	An IPv4 or IPv6 Address
Storage	AWS RDS (`AwsRdsDbInstance`)	An AWS RDS Database Instance
	AWS S3 (`AwsS3Bucket`)	An S3 Bucket
	AzureStorageAccount	An Azure Storage Account
	GcpCloudSQLInstance	Google Cloud Platform Cloud SQL Instance
	GcpStorageBucket	Google Cloud Platform Storage Bucket
System	Unique Keyword (`UniqueKeyword`)	A globally unique keyword that can be reliably searched
Users & Access	API Token (`UniqueToken`)	An api key or analytics id
Users & Access	Email Address (`EmailAddress`)	An Email Address