Configuring External Attack Surface Management (EASM)

The Configuration tab is shown for super users and users who are assigned the Edit EASM Configuration and View EASM Configuration permissions. Super users can create and edit the EASM profile. Also, they can assign Edit EASM Configuration and View EASM Configuration permissions to users with a specific user role to restrict the EASM profile management actions, such as creating, viewing, editing, and deleting the EASM profile. 

1) From the Home page, navigate to Discover and Inventory > Expand your Inventory > Integrate with External Sources. Click Manage Configuration from the External Attack Surface tile. Alternatively, you can configure the EASM profile by clicking Manage Configuration from the banner. You are navigated to the Configuration tab. 

2) Configure the filter criteria to discover externally exposed assets and hosts and manage your asset inventory. For more details about the filter criteria, refer to Filter Criteria in EASM Configuration.

Configure filter criteria

After you add or update the filter criteria, click Save to discover assets in your inventory. Once you validate and save your filter, the sync starts within a couple of hours. The sync repeats automatically every two days. The sync time depends on the number of assets and varies from 2 to 6 hours.

Note:

- You can see the EASM discovery statuses on the EASM Configuration page, which gives you better insight into the EASM discovery progress. For more information, see EASM Discovery Statuses.

EASM discovery statuses.

- You can see the EASM assets from only the latest three scans. The assets that are not discovered from these scans are purged.

 

Once assets are discovered, you can see them in the External Attack Surface tile on the Home page and on the Inventory tab.

EASM Assets Discovered

Good to know!

- If you want to delete all EASM configurations and the EASM data, click Remove All.


- If the configured maximum asset sync limit is reached for an EASM profile, a warning message is displayed.

For example, if the maximum limit of 1000 assets is reached, a warning message is displayed on the Assets discovered by EASM tile. To increase the asset limit of your EASM profile for the specific account, contact Qualys TAM. After the asset limit is increased, the next sync shows the discovered assets and the warning message is no longer displayed.
