- Get Started with Attack Surface Insights
- View Entities in Attack Surface Insights
- Search for Entities in Attack Surface Insights
- Edit Entities in Attack Surface Insights
- Entity Attributes
Edit Entities in Attack Surface Insights
Assign tags and a security criticality to entities.
There are only two attributes you can edit in an entity: tags and security criticality.
Tags applied to Attack Surface Insights entities are referenced in Threat Detection Management analytics rules. To ensure analytics rules have the necessary attributes to work optimally, it's important that you assign entities the appropriate tags.
We recommend the relevant user entities have the following tags:
Executive
Privileged User
Service Account
Departing Employee
We recommend the relevant device entities have the following tags:
Critical Device
Domain Controller
Server
Workstation
The security criticality of an entity is one of the business factors used to calculate a related Threat Center case or alert risk score. To ensure Threat Center scores cases and alerts accurately, it's important that you assign entities the appropriate security criticality.
You can edit entities automatically using Attack Surface Insights rules or manually.