Excluding IP Addresses from the EASM Discovery
Click to view navigation pane


Excluding IP Addresses From the EASM Discovery

You can exclude individual or multiple IP (IPv4 and IPv6) addresses for managed and unmanaged assets from the EASM discovery.

Also, you can exclude IP addresses for various reasons, such as you don't own the assets, or you are aware of the exposed assets but don't want to see the results in the EASM discovery.

By excluding these IP addresses, you can monitor the most crucial subset of your external attack surface. If you want to include these IP addresses back in the inventory, remove the Exclude filter. 

Note: Only Superusers can exclude IP addresses from the EASM discovery.

Complete the following steps to exclude an individual IP address:

1.  Go to the Inventory > Assets tab, and turn the CSAM EASM toggle to show the EASM assets. 
2.  Select the checkbox next to the IP address from the Asset column that you want to exclude.
3.  From the Quick Actions menu, click Exclude IP from EASM Discovery.

You are navigated to the Configuration tab, wherein you can see the IP address that you selected to exclude is added under the Exclude section.

IP excluded

3.  Click Update. The EASM configuration is now updated. 
After your EASM profile gets updated with this IP address exclusion, the sync is initiated after a couple of hours. Once this sync is completed, the IP address gets excluded, and it’s not considered in the EASM discovery. 

Complete the following steps to exclude multiple IP addresses:

1.  Go to the Inventory > Assets tab, and turn the CSAM EASM toggle to show the EASM assets. 
2.  Select the checkboxes next to the IP addresses from the Asset column that you want to exclude.
3.  From the Actions list, click Exclude IP from EASM Discovery

You are navigated to the Configuration tab, wherein you can see the IP addresses that you selected to exclude are added under the Exclude section. 

Exclusion of multiple IP addresses

3.  Click Update. The EASM configuration is now updated. 
After your EASM profile gets updated with this IP address exclusion, the sync is initiated after a couple of hours. Once this sync is completed, the IP addresses get excluded and they are not considered in the EASM discovery.