Excluding IP Addresses From the EASM Discovery

You can exclude individual or multiple IP (IPv4 and IPv6) addresses for managed and unmanaged assets from the EASM discovery.

Also, you can exclude IP addresses for various reasons, such as you don't own the assets, or you are aware of the exposed assets but don't want to see the results in the EASM discovery.

By excluding these IP addresses, you can monitor the most crucial subset of your external attack surface. If you want to include these IP addresses back in the inventory, remove the Exclude filter. 

Note: Only Superusers can exclude IP addresses from the EASM discovery.

Complete the following steps to exclude an individual IP address:
1.  Click the EASM tab and select the check box next to the IP address from the Asset column that you want to exclude.
2.  From the Quick Actions menu, click Exclude IP from EASM Discovery.

Exclude an IP adress

You are navigated to the ‘Manage EASM Configurations’ page, wherein you can see the IP address that you selected to exclude is added under the Exclude section.

IP excluded

3.  Click Update. The EASM configuration is now updated. 
After your EASM profile gets updated with this IP address exclusion, the sync is initiated after a couple of hours. Once this sync is completed, the IP address gets excluded and it’s not considered in the EASM discovery. 

Complete the following steps to exclude multiple IP addresses:
1.  Click the EASM tab and select the check boxes next to the IP addresses from the Asset column that you want to exclude.
2.  From the Actions list, click Exclude IP from EASM Discovery

Exclude Multiple IPs

You are navigated to the ‘Manage EASM Configurations’ page, wherein you can see the IP addresses that you selected to exclude are added under the Exclude section. 

Exclusion of multiple IP addresses

3.  Click Update. The EASM configuration is now updated. 
After your EASM profile gets updated with this IP address exclusion, the sync is initiated after a couple of hours. Once this sync is completed, the IP addresses get excluded and they are not considered in the EASM discovery.