Views:

Identify managed and unmanaged devices that may contribute to your organization's attack surface and add discovered devices that should not be assessed to the exception list.

Attack Surface Discovery detects physical devices and servers connected to your organization's network, including devices managed by a Trend Vision One or other Trend Micro agent plus unmanaged devices. After assessment, the devices are categorized and assigned an asset risk score if risks or vulnerabilities are found on the device. Unmanged devices are only displayed for 30 days after discovery.
Assessed devices found to contain risks or vulnerabilities require credits and contribute to your organization's Cyber Risk Index.
The following table describes the fearures available in the Devices section of Attack Surface Discovery.

Feature
Description
Device overview
View the total of discovered managed and unmanaged devices in your organization, both current and over time. For unmanaged devices, only devices detected in the last 30 days are displayed.
Contributing data sources
View the data sources that contribute to device discovery along with the connection status of each data source
Device list
Displays all devices visible within your organization
  • Search for devices by name.
  • Click Filter to add a filter.
  • Click Export to generate a report for the devices currently displayed on the device list.
  • Click the customize columns icon (columnDisplayIcon=20230614105421.jpg) to customize the table columns and the order in which they are displayed.
    Note
    Note
    Data for mobile devices that are discovered by Trend Vision One - Mobile Security is only available for users with the Mobile devices asset visibility scope.
  • Click any device name to view details on the device profile screen.
  • Select devices and click Add to Exception List to add the devices to the exception list. Devices on the exception list are not assessed for risk and do not contribute to your Cyber Risk Index or credit requirements.
  • Select devices and click Manage Tags to assign or remove custom tags from the devices. For more information, see custom asset tags.
  • To manually modify the criticality of a highly critical asset, hover over the critical icon (highly_critical_icon=GUID-79631f5e-f9ec-4366-a8d6-e82e1ddfe206.png) and click Modify Criticality.
  • Quickly identify devices with high-severity vulnerabilities that are directly exposed to the internet, which are highlighted with the direct internet exposure icon (direct_internet_exposure=GUID-f652f5d3-00a9-4b3b-aab0-1dd3da68b18c.png).
Note
Note
  • The Devices section only shows data for devices within the asset visibility scope of the current user, and drilling down from the Last user column is only available for users with the Accounts asset visibility scope.
  • Attack Surface Discovery cannot assess all discovered devices. Devices visible through third-party data sources might not provide enough data for thorough analysis.
Exception list
Click Exception List to view and remove devices on the exception list.