- Get Started with Attack Surface Insights
- View Entities in Attack Surface Insights
- Search for Entities in Attack Surface Insights
- Edit Entities in Attack Surface Insights
- Entity Attributes
Entities
Get to know entities, the organizational resources in your environment.
Entities are the organizational resources in your environment like users, endpoints, processes, files, servers, and applications.
Attack Surface Insights classifies entities into types. Each entity type has a specific set of attributes. There are currently two entity types: user entities and device entities.
You can find a comprehensive directory of all entities in your environment in Attack Surface Insights. Attack Surface Insights identifies entities in incoming parsed logs, connects related attributes and contextual data to build comprehensive profiles on those entities, and links related entities.
Entities are associated with Threat Center detections and, by extension, the cases and alerts in which they're grouped. You can monitor entities of interest using Threat Center watchlists. To build a search for events associated with a specific entity, use Search.