Views:

Identify service and domain accounts that may contribute to your organization's attack surface.

Attack Surface Discovery detects your organization's domain and service accounts using your connected data sources. After assessment, the accounts are categorized and assigned a risk score if there are risks or vulnerabilities associated with the account. The domain and service account lists allow you to identify highly-privileged accounts and take action on accounts that have excess privileges or display risky activity or behavior.
The following features are available in the Accounts section of Attack Surface Discovery.

Feature
Description
Domain accounts overview
In the Domain accounts tab, view the total discovered domain accounts over time organized into member and guest accounts.
Domain accounts contributing data sources
In the Domain accounts tab, view the data sources that contribute to account discovery along with the data source connection status.
Domain account list
Displays all visible domain accounts, identifies highly-privileged accounts, and allows you to view detailed risk profiles
  • Search for accounts by name.
  • Click Add filter to add a filter.
  • Click Export to generate a report for the accounts currently displayed on the list.
  • Click the customize columns icon (columnDisplayIcon=20230614105421.jpg) to customize the table columns and the order in which they are displayed.
  • Click any service account name to view details on the account profile screen.
  • To manually modify the criticality of a highly critical asset, hover over the highly critical icon (highly_critical_icon=GUID-79631f5e-f9ec-4366-a8d6-e82e1ddfe206.png) and click Modify Criticality.
  • Select accounts and click Manage Tags to assign or remove custom tags from the devices. For more information, see custom asset tags.
  • To create a Security Awareness training campaign for a specific user, click the associated actions icon (options=ddb0b67f-0654-4aa5-8bc7-48ec554c5448.png) and then click Create Training Campaign.
  • To perform a Zero Trust Secure Access action on the account, click the associated actions icon (options=ddb0b67f-0654-4aa5-8bc7-48ec554c5448.png) and choose the desired action.
Service account overview
In the Service accounts tab, view the total discovered service accounts over time.
Service account contributing data sources
In the Service accounts tab, view the data sources that contribute to account discovery along with the data source connection status.
Service account list
  • Search for accounts by name.
  • Click Add filter to add a filter.
  • Click Export to generate a report for the accounts currently displayed on the list.
  • Click the customize columns icon (columnDisplayIcon=20230614105421.jpg) to customize the table columns and the order in which they are displayed.
  • Click any user name to view details on the service account profile screen.
  • To manually modify the criticality of a highly critical asset, hover over the highly critical icon (highly_critical_icon=GUID-79631f5e-f9ec-4366-a8d6-e82e1ddfe206.png) and click Modify Criticality.
  • Select accounts and click Manage Tags to assign or remove custom tags from the devices. For more information, see custom asset tags.