Getting started
      Back to home
      1. Knowledge Base
      2. Getting started

      How to Add and Verify a Root Asset in Attaxion

      You can add various types of root assets to Attaxion in the Management section. The verification process for most of them is different.

      To start working with Attaxion, you need to add and verify a root asset. Attaxion will then proceed to discovering external assets related to this asset and finding their vulnerabilities.


      In this article, we go through the process of adding, verifying, and removing root assets.

      What Can Be a Root Asset

      A root asset is an external asset that the user manually adds to Attaxion with the goal of discovering related assets.


      A root asset can be one of the following things:

      • Domain
      • IPv4 or IPv6 address
      • Organization
      • CIDR
      • AWS account 
      • Microsoft Azure account 
      • Google Cloud Platform account
      • Digital Ocean account.

      How to Add a Root Asset to Your Attaxion Account and Verify It

      After you’ve created an account and verified your email address, Attaxion would automatically prompt you to add a root asset.


      If you skipped the prompt for some reason, you can always get back to it by choosing “Management” in the menu on the left, and then clicking “Add new Root Asset” in the upper right corner.

      add-root-asset-1

      After that, you’ll need to choose the type of root asset that you want to add. Attaxion will then guide you through the process of adding the asset, which is different for different asset types.


      The asset will appear on the list even before you verify it. But scanning won’t begin until you verify the asset. You can check if the asset is verified by clicking on it and checking if there’s a “Verification Required” warning tag in the upper left corner of the asset window.

      add-root-asset-CIDR

      For Domains


      This is the recommended way of adding new root assets. 


      First, type in the address of the domain that you want to add. 


      To verify ownership of the domain, Attaxion will prompt you to add a TXT file to the root directory of the website, or to add a DNS record. 


      After you’re done with the required steps, you’ll need to return to Attaxion and click the Verify button. Normally it takes a few minutes, but with a DNS record, it sometimes may take up to 48 hours.

      add-root-asset-dns

      For Organization Asset Type

      This is a manual process.


      First, type in the name of the organization. 


      Then, you’ll need to contact the service desk at service.desk@attaxion.com to manually verify the organization.


      add-root-asset-organization

      For IPv4 or IPv6 addresses and CIDRs

      Just like with organizations, it’s also a manual process.


      First, type in the IP address that you want to add. 


      Then, you’ll need to contact the service desk at service.desk@attaxion.com to manually verify the organization.

      add-root-asset-IP

      For AWS Accounts

      Refer here to learn how to connect an AWS account to Attaxion.

      For GCP Accounts

      Refer here to learn how to connect a GCP account to Attaxion.

      For Azure Accounts

      Refer here to learn how to connect an Azure account to Attaxion.

      For Digital Ocean Accounts

      Refer here to learn how to connect a Digital Ocean account to Attaxion.