The “Graph” Tab Explained

If you select “Graph” in the menu on the left, you will see a graph showing all assets that Attaxion discovered and traced to the root assets that you provided.

What Is There in the “Graph” Tab?

The graph shows all assets as small circles and the connections between them as gray lines.

The color of the node tells about the asset’s security status:

• if it’s green, the asset is secure;
• if it’s red, the asset is vulnerable.
• if it's grayed-out, the asset is non-scannable, which means it belongs to third-party services related to your infrastructure. These assets are not included neither in vulnerability scans, nor in the billable asset count.

You can zoom in to get a better look at a particular asset and its connections or zoom out to look at the entire attack surface.

You can switch the view between "Show active assets only" (the default option) and “Show all assets” if you want to include inactive ones as well.

In the list on the left, you can select one or more root assets to show on the graph. Each root assets will be shown together with the dependent assets that have been mapped to it. The graph becomes more readable when you select only the root assets you're currently interested in.

You can hover your mouse over an asset to see its name and connections with other assets – they are indicated by arrows moving along the connecting lines. 

If you click on an asset, its “Asset Details” window will open, where you can see the asset’s vulnerabilities, discovery path, dependency path, and other information. 

Note that for non-scannable assets, there won’t be anything under the “Issues” and “Technologies” tabs, but you can still view all other asset details.

What Can You Do From the “Graph” Tab?

The “Graph” tab gives you a bird’s eye overview of the organization’s attack surface. Its primary purpose is to visualize the attack surface in an easy-to-understand manner and give you ideas about potential attack paths.