Source IP addresses for Attack Surface Testing scans

To view the IP address range Cortex XSIAM uses for vulnerability tests, navigate to SettingsConfigurationsAttack SurfaceAttack Surface Testing and refer to the Source IP Addresses section. We recommend adding this range to your organization's security tooling allow lists to avoid unnecessary alerting; however, we do not recommend modifying the configuration of your perimeter security controls to allow this traffic to pass. The aim of Attack Surface Testing is to confirm the exploitability of vulnerabilities from an attacker perspective.