When you view and validate your Digital Footprint, you can check asset categories for immediate context to help you understand how assets are connected to your organization.
For example, you see at a glance that an asset is in a vendor's cloud or content delivery network. With this information you can make quick decisions about how to tag, prioritize, or assign the asset for further investigation or issue remediation. Asset categories also give you a better idea of your overall attack surface.
View asset categories
You can only view categories for assets in your organization's Scorecard.
- Select Digital Footprint in your Scorecard.
- Select Domains.
Note: We currently do not display asset categories for Digital Footprints with more than 100,000 IPs.
- See the Asset Category column in the table.
Tip: If you see multiple categories, simplify your view by filtering on a specific category. See the table below for all available categories.
Asset category definitions and sources
We categorize assets based on two sources:
- SecurityScorecard's scanning and attribution data
- Categories that you assign to assets when managing your Digital Footprint
Note: Not every individual asset belongs to a category.
See all current categories in the following table
| Category | Description | Assigned by |
| Cloud IP |
This IP belongs to a cloud provider. Issue findings do not impact the score for the attributed organization. |
SecurityScorecard |
| Exit IP |
The attributed organization uses this IP for exiting its guest networks, and uses a specific method to partition it behind a firewall. Its issue findings do not affect their score. |
SecurityScorecard |
| Guest network IP |
This IP is a guest device on the attributed organization's wireless network and isolated from their critical infrastructure. Findings for the following issue types do not impact the score:
|
Attributed organization |
| Honeypot domain |
The attributed organization has isolated this asset as a honeypot from critical infrastructure and uses it for detecting or preventing attempts at unauthorized access. Its issue findings do not affect the organization’s score. |
SecurityScorecard |
| Honeypot IP |
The attributed organization has isolated this asset as a honeypot from critical infrastructure and uses it for detecting or preventing attempts at unauthorized access. Its issue findings do not affect the organization’s score. |
SecurityScorecard |
| Hosting IP |
This IP is part of a hosting service. Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
| IP on CDN |
This IP is on a content delivery network (CDN). Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
| IP on VPN |
This IP is on a virtual private network. Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
| Malicious IP | This IP has been associated with malicious activity. | SecurityScorecard |
| Other |
The attributed organization categorized this as IP as Other when managing its Digital Footprint. Our Support team determines the score impact |
Attributed organization |
|
Parked domain |
This domain resolves to a third-party parking service, such as GoDaddy. Its issue findings in the Application Security factor do not affect the score for the attributed organization. | Attributed organization |
| Parked IP | This IP resolves to a third-party parking service, such as GoDaddy. Its issue findings do not affect the score for the attributed organization. | Attributed organization |
| Residential IP | This IP belongs to a private residence. | SecurityScorecard |
| SaaS IP |
This IP is part of a software-as-a service (SaaS) application. Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
| Shared IP |
This IP is part of shared infrastructure and does not belong to the attributed organization. Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
| Tenant IP |
The attributed organization does not host or manage this IP or CIDR range. It belongs to a customer of theirs. It belongs to a customer of theirs, so its issue findings do not affect their score. |
Attributed organization |
| Test network IP | The attributed organization uses this network for testing, so some issue findings may be false positives. Its issue findings are removed from the attributed organization's Scorecard. | SecurityScorecard |
| Third-party IP | This IP belongs to a third-party vendor of the attributed organization and does not affect its score. | SecurityScorecard |
| VPN IaaS drop point |
This IP is on a virtual private network as part of an infrastructure-as-a-service offering. Its issue findings do not affect the score for the attributed organization. |
SecurityScorecard |
Comments
0 comments
Please sign in to leave a comment.