Assets

Overview

Assets module can help you to centralize and maintain all of your assets in one place. Using this module, you can define a new asset, store its properties and metadata, and assign it to projects and groups.

You can also utilize the UI import option or the Self-Service API to import assets into this module, for example via CMDB.

This module is optional and can be enabled & disabled via Configuration.

When the Assets module is enabled, the scope sections on projects will reflect the available assets in this module.

Configuring Asset Fields

You can create custom asset schemas and fields from the Administration module.

You can take advantage of custom field access controls to have different asset forms and fields for different types of Roles, Groups or Users. This means customers, business units, teams or individuals can have tailored asset schemas based on their needs.

Creating Assets

You can create a new asset by clicking on New Asset button.

Viewing & Updating Assets

You can view the details for an asset by clicking on its name. Here you can update the asset or view its vulnerabilities.

!IMPORTANT: If you update the name of the asset, it will automatically update the name of the asset on all projects and vulnerabilities which are also linked to/referencing this asset.

Importing Assets

You can import assets from the Assets module using the UI import option or the Service Service RESTful API.

UI Import

Self-Service API

Grouping and Managing Access to Assets

You can use Asset Libraries to assign your assets into groups. This makes it easier to manage your assets and also configure assets for different customers, business units, networks, platforms or teams.

Asset libraries can be configured from the Administration module.

Assets can belong to one or more libraries, allowing to share access or ownership of assets and reducing asset duplication.

Asset libraries can have access controls to manage who can view or edit the assets.

Asset library access controls can be applied to Roles, Groups or Users, and assigned with either View or Edit privileges.

Users with View access to an asset library will be able to see the asset and any vulnerabilities for which that user has access to via projects.

Users will Edit access to an asset library will be able to make changes to an asset, including ability to archive the asset or link additional asset libraries.

Bulk actions can be used to bulk assign assets to libraries.

Archiving Assets

You can archive assets. If you accidentally archive an asset, you can always restore it from the Archived Assets tab.

!IMPORTANT: If you archive an asset from the library - it will NOT delete the asset from a project, or any vulnerabilities linked to/referencing that asset.

Importing Vulnerabilities on a Project

When importing vulnerabilities on a project - the application will check to see if the affected asset for the vulnerability already exists in the library. If it does not exist - it will automatically create the new asset in the library for you.

PreviousAttack ChainsNextWriteups

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge