Discovery Methods

The two kinds of discovery methods depending on the level of confidence Cortex® Xpanse™ has in attributing it to your organization.
Services are marked with one of two kinds of discovery methods depending on the level of confidence Cortex® Xpanse™ has in attributing it to your organization.
  • Directly Attributed
    —These Services are definitively associated with an Asset that Cortex Expanse believes belongs to your organization.
    Examples include:
    • It is hosted on one of your on prem IP ranges.
    • The Service advertises one of your organization's certificates.
    • It is on a managed cloud resource that is known to be yours.
  • Co-located with your Services
    —A co-located service itself does not present direct evidence that it is owned by your organization. Yet, these Services are running on the same IP as a different service that is directly attributed to your organization. In a multi-tenant hosting environment these co-located services may belong to other organizations but can sometimes pose adjacency risks to your services hosted on that IP. Because they have no definitive fingerprint of ownership, co-located services are excluded from the Services List view by default. You can review them by selecting the
    Co-located with your Services
    option from the
    Discovery Method
    filter drop-down. If your organization has “single-tenant environment only” policies with 3rd party hosting providers you can use this functionality to identify possible violations of that policy.

Recommended For You