A domain name, subdomain, or IP addresses and/or combination thereof of a
device connected to the Internet or internal network. An asset may include,
but not limited to web servers, name servers, IoT devices, network printers,
Example: foo.tld, bar.foo.tld, x.x.x.x
A complete collection of an organization’s assets and associated metadata of each asset.
Asset management refers to monitoring, configuring, and maintaining of assets.
From the network perspective of an adversary, the complete asset inventory of an organization including all actively listening services (open ports) on each asset.
An ASN is a unique number that's available globally to identify an autonomous system and which enables that system to exchange exterior routing information with other neighboring autonomous systems.
A CDN refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content.
Discovery refers to the act of identifying assets.
A domain name is a label that identifies a network domain. Domain names are
used to identify Internet resources, such as computers, networks, and
services, with an easy-to-remember text label that is easier to memorize
than the numerical addresses used in the Internet protocols.
Example: foo.tld is the domain name of URL http://www.foo.tld/index.html.
Refers to the accessibility of an asset that can be connected to from across the Internet.
A device connected to a network that communicates with other hosts on the network.
A unique name given to any device that is connected to a specific computer
network, typically appended to a domain name, and resolves to an IP-address
using the Domain Name System (DNS).
Example: ‘bar’ is the hostname of bar.foo.tld.
Refers to the accessibility of an asset that cannot be connected to from across the Internet, and generally resides on an internal network (i.e. Intranet).
A hostname that no longer resolves to an IP-address.
Refers to an asset that can be connected to over the Internet. While the terms above are often used interchangeably, Internet-accessible considered the preferred term.
A set of data that describes and gives information about an asset. Metadata may include, but not limited to geolocation, operating system, open ports, service banners, TLS certificate details, etc.
The act of finding assets.
Refers to a type of IP-address where network traffic can be routed to over the Internet. As defined by RFC-1918, there are certain IP-address ranges where network traffic cannot be routed to over the Internet, which are referred to as ‘non-routable’ IP-addresses or ‘private’ IP-space.
10.0.0.0 – 10.255.255.255 (10/8 prefix) 172.16.0.0 – 172.31.255.255 (172.16/12 prefix) 192.168.0.0 – 192.168.255.255 (192.168/16 prefix)
Short for open ports on a server, or a service on the server that responds to network requests.
Scan that analyzes a server to determine which ports are open.
A subdomain is a domain name with a hostname appended, which is sometimes more accurately described as a fully qualified domain name (FQDN).
Refers to the last segment of a domain name, the part following immediately after the “dot” symbol. The most common and familiar TLDs are .com, .net, and .org. Example: TLD is the Top-Level Domain name of the domain name bar.foo.tld There are many other TLDs, such as .co.uk and co.jp, which are technically not TLDs because they are not located at the ‘top level’ of the domain. These types of domains which are referred to as effective TLDs (eTLDS) because they serve a branching point for domain name registrars.
A configuration option for Apps that establishes how often the app should try to get new data.
Refers to a method for hosting multiple hostnames or domain names, with separate handling of each name, on a single server.