FAQs
      Back to home
      1. Knowledge Base
      2. FAQs

      Assets and Asset Types

      Attaxion manages 10 types of external assets, though not all of them can be added manually or are subject to billing.

      As an external attack surface management (EASM) platform, one of Attaxion’s main functions is to discover an organization's external assets and identify their vulnerabilities.

      What is an External Asset


      An external asset is a component of your organization’s digital infrastructure that is visible to outsiders and potentially exploitable.


      In Attaxion, external assets are classified by two main categories: root assets vs other assets, and by asset type.

      Root Assets

      A root asset is an external asset that the user manually adds to Attaxion with the goal of discovering related assets.


      A root asset can be a domain, IPv4 or IPv6 address, an organization, a CIDR, or a cloud account with AWS, Azure, Google Cloud Platform, or Digital Ocean.


      To start the process of discovering external assets related to a root asset, the root asset should be verified. Refer to the article about root assets' verification for details of this process.


      Root assets are added one by one, but there is no hard limit of root assets that can be added within each account.

      Other External Assets

      While root assets are added automatically and need to be verified, other external assets are discovered by Attaxion using various reconnaissance techniques and added to the asset list.


      These assets do not require verification.


      The associated data, such as vulnerabilities and availability, that Attaxion provides for root assets and other external assets is roughly the same.

      What Types of External Assets Does Attaxion Work With:

      Attaxion works with the following types of assets:

      • Domains (only for root assets)
      • Subdomains
      • IP addresses (both IPv4 and IPv6)
      • Open ports
      • Organizations (only for root assets. It's a root asset type one can use to run discovery based on reverse WHOIS lookups and IP netblock lookups for the organization's name)
      • Email addresses
      • Clouds
      • CIDRs
      • SSL certificates

      Assets and Pricing

      In Attaxion, pricing is determined by the assets classified as billable. You can find more details on our pricing page