Cortex Attack Surface Management

Integration to pull assets and other ASM related information.

Vulnerability Management · Cortex Attack Surface Management

Configuration parameters

  • url — Server URL (required)
  • credentials — API Key ID (required)
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (10)

  • asm-get-asset-internet-exposure

    Get internet exposure asset details according to the asset ID.

  • asm-get-attack-surface-rule

    Get information of an attack surface rule ID.

  • asm-get-external-ip-address-range

    Get the external IP address range details according to the range IDs.

  • asm-get-external-service

    Get service details according to the service ID.

  • asm-get-remediation-confirmation-scan-status

    Get the status of an existing Remediation Confirmation Scan.

  • asm-list-asset-internet-exposure

    Get a list of all your internet exposure filtered by IP address, domain, type, asm id, IPv6 address, AWS/GCP/Azure tags, has XDR agent, Externally detected providers, Externally inferred cves, Business units list, has BU overrides and/or if there is an active external service. Maximum result limit is 100 assets.

  • asm-list-external-ip-address-range

    Get a list of all your internet exposure filtered by business units and organization handles. Maximum result limit is 100 ranges.

  • asm-list-external-service

    Get a list of all your external services filtered by business units, externally detected providers, domain, externally inferred CVEs, active classifications, inactive classifications, service name, service type, protocol, IP address, is active, and discovery type. Maximum result limit is 100 assets.

  • asm-list-remediation-rule

    Returns the list of remediation path rules. This command applies only to Expander v2.

  • asm-start-remediation-confirmation-scan

    Starts a new Remediation Confirmation Scan or gets an existing scan ID.