- Get Started with Attack Surface Insights
- View Entities in Attack Surface Insights
- Search for Entities in Attack Surface Insights
- Edit Entities in Attack Surface Insights
- Entity Attributes
Attack Surface Insights
Track and learn about the resources in your organization with Attack Surface Insights.
Attack Surface Insights is a directory for organizational resources in your environment, also known as entities; examples include users, endpoints, processes, files, servers, and applications. Attack Surface Insights identifies entities in incoming parsed logs, connects related attributes and contextual data to build comprehensive profiles on those entities, and links related entities. With Attack Surface Insights, you can thoroughly understand the entities involved in an investigation, validate the entities in your network, and ensure you've properly configured your security content.
In Attack Surface Insights, view entities identified in your logs and their attributes. To quickly find a specific entity, search for it. To assign tags or a security criticality to an entity, edit an entity automatically using rules or manually.
Attack Surface Insights currently supports user and device entities. Attack Surface Insights is currently available for certain licenses only. Permissions determine what you're permitted to see and do in Attack Surface Insights.