Cortex Attack Surface Management
Integration to pull assets and other ASM related information.
Vulnerability Management · Cortex Attack Surface Management
Configuration parameters
url— Server URL (required)credentials— API Key ID (required)insecure— Trust any certificate (not secure)proxy— Use system proxy settings
Commands (10)
-
asm-get-asset-internet-exposureGet internet exposure asset details according to the asset ID.
-
asm-get-attack-surface-ruleGet information of an attack surface rule ID.
-
asm-get-external-ip-address-rangeGet the external IP address range details according to the range IDs.
-
asm-get-external-serviceGet service details according to the service ID.
-
asm-get-remediation-confirmation-scan-statusGet the status of an existing Remediation Confirmation Scan.
-
asm-list-asset-internet-exposureGet a list of all your internet exposure filtered by IP address, domain, type, asm id, IPv6 address, AWS/GCP/Azure tags, has XDR agent, Externally detected providers, Externally inferred cves, Business units list, has BU overrides and/or if there is an active external service. Maximum result limit is 100 assets.
-
asm-list-external-ip-address-rangeGet a list of all your internet exposure filtered by business units and organization handles. Maximum result limit is 100 ranges.
-
asm-list-external-serviceGet a list of all your external services filtered by business units, externally detected providers, domain, externally inferred CVEs, active classifications, inactive classifications, service name, service type, protocol, IP address, is active, and discovery type. Maximum result limit is 100 assets.
-
asm-list-remediation-ruleReturns the list of remediation path rules. This command applies only to Expander v2.
-
asm-start-remediation-confirmation-scanStarts a new Remediation Confirmation Scan or gets an existing scan ID.