View Asset Attribution

When analyzing exposed assets detected by Tenable Attack Surface Management, it is crucial to understand why each asset appears in the inventory. The asset details page provides origin attributions, offering key insights that enhance analysis by:

  • Clarifying asset relevance within the source and inventory context.

  • Minimizing manual asset attribution analysis.

  • Filtering or searching assets based on attribution events, such as assets linked to an inventory because the WHOIS registrant email of the asset is associated with a specific organization.

The Origin section on the Asset Details page includes a timeline illustrating each stage of the Tenable Attack Surface Management process of adding an asset to the inventory, including:

  • The ID of the user who initially added the source to the inventory and thereby directly or indirectly added the asset.

  • The timestamp when the source was added.

  • The timestamp when the asset was added to the source.

  • If Tenable Attack Surface Management adds the asset based on an automation rule, then the timeline shows the rule's creation time. For instance, an asset may be added when an automation rule accepts a suggested domain into the inventory. You can click the View automation rule link to open the Add Automation Rule window to view or modify the automation rule. If the automation rule was updated, you can click the View logs link to open the Activity Logs page to view the changes.

  • The type of source. For example, if the source is IP-based, domain-based, AWS, or Cloudflare.

  • If an asset belongs to multiple sources, each source is highlighted in a different color. For example, blue for an IP-based source and dark blue for a domain-based source.

  • A Find similar assets link to the assets list page that shows assets with similar origin.

To view the origin details for an asset in your inventory:

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, select an inventory.

    The inventory page appears with the list of assets.

  3. In the list, hover over an asset to see its details.

  4. Click the button.

    The asset details page appears. See the Origin section at the top of the page for the asset attribution details. You can use the slider to navigate the various timelines associated with the asset.