The “Graph” tab shows how the assets discovered in the organization’s surface are connected, offering insights into potential attack paths.
If you select “Graph” in the menu on the left, you will see a graph showing all active assets that Attaxion discovered and traced to the root assets that you provided. You may switch the view to “Show all assets” to include inactive ones.
What Is There in the “Graph” Tab?
The graph shows all assets as small circles and the connections between them as gray lines.
The color of the node tells about the asset’s security status: if it’s green, the asset is secure; if it’s red, the asset is vulnerable. You will also see grayed-out, non-scannable assets, which belong to third-party services related to your infrastructure. These assets are not included neither in vulnerability scans, nor in the billable asset count.
You can zoom in to get a better look at a particular asset and its connections or zoom out to look at the entire attack surface.
You can hover your mouse over an asset to see its name and connections with other assets – they are indicated by arrows moving along the connecting lines.
If you click on an asset, its “Asset Details” window will open, where you can see the asset’s vulnerabilities, discovery path, dependency path, and other information.
Note that for non-scannable assets, there won’t be anything under the “Issues” and “Technologies” tabs, but you can still view all other asset details.
What Can You Do From the “Graph” Tab?
The “Graph” tab gives you a bird’s eye overview of the organization’s attack surface. Its primary purpose is to visualize the attack surface in an easy-to-understand manner and give you ideas about potential attack paths.