How to Set Entities Out of Scope
In Attack Surface Management (ASM), setting up an Entity to be out of the scope of a Collection will suppress the Entity and other related Entities from being populated in the Collection. You can do this two ways:
- From individual Entities
- From Collections
The following table characterizes Out of Scope settings:
Page | Entity Type | Out of Scope by Pattern | Out of Scope Single Entity |
---|---|---|---|
Entities | Url |
✔ |
|
Domain |
✔ |
||
Subdomain |
✔ |
||
Other Entities |
✔ |
||
Collections | Url |
✔ |
✔ |
Domain |
✔ |
✔ |
|
Subdomain |
✔ |
✔ |
|
Other Entities |
✔ |
- Out of Scope by Pattern: ASM uses a regex pattern to define the scope of Entities suppressed based on the Entity added to the list.
- Out of Scope Single Entity: ASM will prevent the specified Entity from populating in the Collection.
Settings from the Entities Page
As an example, we select the DNS Record tab from the ASM Entities page.
Choosing the first Entity listed, cms.hooverandstrong.com displays the details of the Entity. On the details page, we select Add Out Of Scope Entity and click Submit. The regex pattern defined by this submission is \bcms\.hooverandstrong\.com\b
.
To confirm, we navigate to Collections > Settings for the relevant Collection and select the Out of Scope tab. Here, we find both the regex Pattern (\bcms\.hooverandstrong\.com\b
) and DnsRecord Types listed for cms.hooverandstrong.com.
Settings from the Collections Page
-
Navigate to Collections > Settings and select a Collection.
-
Click + Add Out Of Scope Entity.
-
Select an Entity Type from the dropdown and type its Value.
-
Choose "Only out of scope this entity" (Single Entity), or Anything this Entity contains will be out-of-scoped (Pattern). This second option will add an additional Out of Scope line item to the Collection based on the regex pattern, as described above.
-
Click Submit.
These items are now listed under the Out of Scope tab of the Collection.
Updated 17 days ago