Fortinet black logo

User Guide

Home FortiRecon 24.2.0 User Guide
24.2.0
24.2.0
24.1.b
24.1.a
24.1.0
23.4.a
23.4.0
23.3.a
23.3.0
23.2.b
23.2.a
23.2.0
23.1.b
23.1.a
23.1.0
22.4.a
22.4.0
22.3.0
22.2.0

Attack Surface Management

Attack Surface Management

Attack Surface Management (ASM) offers a complete view of potential risks across your external and internal digital environments. It combines discovery, vulnerability assessment, and threat intelligence to help you proactively manage and reduce your attack surface. ASM includes the following modules.

  • External Attack Surface Management (EASM): Provides an adversary's view of external-facing digital assets to discover potential exposures, vulnerabilities, and security gaps. See EASM.

  • Internal Attack Surface Management (IASM): Maps and assesses risks within your networks, discovering internal assets and identifying vulnerabilities that could be exploited by attackers. See IASM.

The ASM module displays the EASM and IASM scan results for your organization on the following pages :

The EASM/IASM toggle is located at the top of the Dashboard, Asset Discovery, and Security Issues pages within the ASM module. This toggle allows you to seamlessly switch between EASM and IASM data.

Dashboard

Displays widgets that summarize your discovered assets and potential security issues related to your assets. You can click some widgets to display more details on the other tabs. See EASM or IASM dashboard.

Security Issues

Displays a summary of all potential security issues and details about each issue. You can filter security issues and change the status of security issues to reflect action taken at your organization. See EASM or IASM security issues.

Asset Discovery

Displays a summary of all discovered assets and details about each asset. You can mark assets as false positives, manually add assets, and manually remove assets. See EASM or IASM asset discovery.

Asset Management

Displays tags and groups used to filter and link assets. Also, you can configure IASM. See Asset Management.

Leaked Credentials

Displays a summary of leaked credentials by year and details about each breached dataset or leaked credential incident. See Leaked Credentials.

Integrations

Displays the added integrations for AWS, Azure, Google Cloud Platform, FortiDAST, and FortiGate. See Integrations.
Previous
Next

Attack Surface Management

Attack Surface Management (ASM) offers a complete view of potential risks across your external and internal digital environments. It combines discovery, vulnerability assessment, and threat intelligence to help you proactively manage and reduce your attack surface. ASM includes the following modules.

  • External Attack Surface Management (EASM): Provides an adversary's view of external-facing digital assets to discover potential exposures, vulnerabilities, and security gaps. See EASM.

  • Internal Attack Surface Management (IASM): Maps and assesses risks within your networks, discovering internal assets and identifying vulnerabilities that could be exploited by attackers. See IASM.

The ASM module displays the EASM and IASM scan results for your organization on the following pages :

The EASM/IASM toggle is located at the top of the Dashboard, Asset Discovery, and Security Issues pages within the ASM module. This toggle allows you to seamlessly switch between EASM and IASM data.

Dashboard

Displays widgets that summarize your discovered assets and potential security issues related to your assets. You can click some widgets to display more details on the other tabs. See EASM or IASM dashboard.

Security Issues

Displays a summary of all potential security issues and details about each issue. You can filter security issues and change the status of security issues to reflect action taken at your organization. See EASM or IASM security issues.

Asset Discovery

Displays a summary of all discovered assets and details about each asset. You can mark assets as false positives, manually add assets, and manually remove assets. See EASM or IASM asset discovery.

Asset Management

Displays tags and groups used to filter and link assets. Also, you can configure IASM. See Asset Management.

Leaked Credentials

Displays a summary of leaked credentials by year and details about each breached dataset or leaked credential incident. See Leaked Credentials.

Integrations

Displays the added integrations for AWS, Azure, Google Cloud Platform, FortiDAST, and FortiGate. See Integrations.
Previous
Next