Company External Assets

Owned by Ryan Seymour
Last updated: Nov 01, 2024
5 min read
CS-Video.png
https://youtu.be/81dE8lkGO7Q

These scans target the areas of your IT ecosystem that are exposed to the internet or are otherwise not restricted to your internal users or systems. They can include websites, ports, services, networks, systems, and applications that need to be accessed by external users or customers.

image-20240516-174127.png

Company External Assets - Table of Contents

External Scanning IP Addressing and Whitelisting

Check our Agent Dependency and Whitelistingdocument for details on IP’s used during external scanning from the ConnectSecure servers.

Company External Assets - Overview

External Asset is any asset ConnectSecure identifies outside the local network/firewall using parameters from your External Scan Profile(s).

External Scan Example

Here, you will see our Default Scan Profiles and any Custom Scan Profiles you can create or have created.

image-20240202-163132.png

ConnectSecure has three default scanning options: Quick Scan, Detailed Scan, and Deep Scan Profiles.

image-20240202-162652.png

Scan Type

Number of Ports

Source

Scan Type

Number of Ports

Source

Quick

1000

IANA

Detailed

3500

IANA

Deep

65535 (ALL)

IANA

Company External Assets - Details

The External Assets screen contains three main pages: Configurations, Profiles, and Results.

image-20240516-174516.png

Configurations

This is where you can manage Configurations, which are the scanning parameters. This includes the Name, Address, Address Type, and Is Excluded options.

Use the three-dot Action menu to Edit Configuration, Remove Configuration, or Scan Now.

image-20240516-174728.png

You can add Configurations by tapping the Add button or using the Bulk Upload option.

Manually Add

Tap the Add button and complete all required fields.

image-20240516-174955.png
image-20241101-180105.png

Igore ports, even if they are open options, will exclude the defined port(s) from the scanning and scoring.

Exclude from scanning box will exclude the entire configuration from scanning.

Scan Later will save the configuration but not kick off a scan right away; the system will wait for the scheduler or a manually started external scan.

Bulk Upload

Tap the upload icon

image-20240516-175049.png

Download the upload template, add your data, and come here to upload.

External Assets Bulk Upload Template: https://portal.myconnectsecure.com/assets/files/endpoints.csv

image-20240516-175136.png

Profiles

This is where you can manage Custom Profiles, with options to Add, Edit, or Delete. This includes the Name, Profile Type, Ports, Protocol, and Service Detections.

Custom profiles are unnecessary for External Scans as the built-in Scan Profiles (Quick, Detailed, Deep) can be used.

Results

This is where you can view your Results from the external scan(s). This includes the IP, Host Name, Risk Score, Security Grade, Importance, Agent Type, Vulnerabilities, Severity, CISA Classified, EPSS Classified, Last Discovered, Last Scanned Time, Asset ID, Auto Tags, and Manual Tags.

image-20240516-175357.png

Tap on the IP to see additional details about the scan.

image-20240614-173930.png

Tap on the Risk Score Letter Grade to see the score breakdown.

image-20240614-174158.png
image-20240614-174234.png

We have a page dedicated to our Asset Risk Score grading and how to work out the math, which is found here: https://cybercns.atlassian.net/wiki/x/JoCZgQ

Company External Assets - Action Toolbar Overview

Jobs - tap to view the historical job(s) for the selected company

Alerts - tap to view the timeline-style System Events

Info - tap to view the Getting Started In App Info

Help-Link - tap to view the online documentation for this page


Company External Assets - Action Toolbar Actions

Job

Tap the Jobs icon to view the external scan job history and current details. This includes the Created Date-Time Stamp, Scan Type, Job Status, and Description.

image-20240516-175845.png

Tap on the Created Date-Time stamp field to see additional details.

image-20240516-175932.png

Full results are displayed in the Results section

Results

This is where you can view your Results from the external scan(s). This includes the IP, Host Name, Risk Score, Security Grade, Importance, Agent Type, Vulnerabilities, Severity, CISA Classified, EPSS Classified, Last Discovered, Last Scanned Time, Asset ID, Auto Tags, and Manual Tags.

image-20240202-191207.png

Tap on the IP address field to see the scan results.

image-20240202-191345.png

The full external scan results include the Grade, Last Scanned Time, Vulnerability by Severity, SSL Attack Info, Remediation Plan Recommendations, and External Ports data.

image-20240202-191903.png
Sample External Scan Results

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login

image-20240206-144508.png