Assets are created in RedShield for each of your applications, these assets are then used by our systems and scanners to report on vulnerabilities and provide RedShield shielding and attack reporting. The help article below contains information about the different types of assets, setting up assets, viewing their statuses and any associated bulk actions that can be applied to them.
Help sections relating to assets:
- Asset types and properties
- Table Column Information
- Bulk Actions
- Editing an asset
Asset Settings Page:
The assets settings page is located under the main settings menu the page is broken into three sections based on the asset types, the settings page is available to all users who have an administration role.
Asset types and properties
Shielded Asset: A shielded asset is an asset that is part of a shielded scan, these assets have additional setup properties and run the shielded scan profile. Shielded assets also contain additional reporting, bulk actions and commands relating to the shielding service. All shielded assets that are provisioned correctly and have no setup errors or warnings (see asset setup and status for more information) are being actively protected via our shielding service.
Network Range: Network range assets have the asset type of CIDR and are the recommended asset type if you have ranges that are constantly being changed or having new hosts added. If you use this asset type then the vulnerability scanners will first do a discovery scan on the entire range, any hosts found online will be added as targets for the vulnerability scan. It is important to note that bulk actions applied to CIDR ranges effect every active IP in the range, you can not apply bulk actions to individual IP's from the range. If you require this sort of control we suggest you add that IP as a single asset.
Asset: This is the common asset type for scanning assets. Single assets have no additional properties and will be scanned by the vulnerability scanner and analysed with previous scanning results.
Table column information
Client: Who the asset belongs to
Name: The asset name is a way for you to easily identify the asset you are scanning. In the example above the nice name is also the same as the value however you can use any name you like to identify the asset for example: "RedShield Website".
Target: The asset target is the location of the asset, this will change depending on the asset type (e.g. url, ip, cidr). It is important that the asset location is accurate at all times as this value is used by RedShield in the initial discovery phase of the scan. If you are making changes to your asset locations it is important that you exclude the old asset and add a new asset with the changed location as this will effect your scanning results.
Scan: This is the scan that the assets are included in (if any) all assets associated with the same scan will run together.
Scan Type: This is the type of scan the asset is included in e.g. standard, shielded, internal and pci.
Verified On: This is a very important column as all assets must be verified by the RedShield team or your RedShield provider to ensure ownership, accuracy and scan compatibility. Any assets unverified will not be scanned or able to be set to the included status. Assets that are verified will show the verified timestamp in the column. If you would like to view all unverified assets sort by validated, jump to the last page and all unverified assets will be there.
Verified By: This is the person who verified your asset.
Created On: This is when the asset was created.
To apply a bulk action, select the rows you would like to apply the action to and right click on the table row. Select the action you would like and apply, your data should reload instantly and you will notice the table rows updated to reflect the action that was applied. Details about each action can be found below:
Delete: This will delete the assets and vulnerabilities found on that asset in previous scans will not be removed. The Delete action can not be undone easily. Proceed with caution when you delete your assets.
Editing an asset:
You can edit the asset name by clicking the edit (pencil) icon to open the asset modal
To add new assets or change targets please contact RedShield support (firstname.lastname@example.org)
Deleting an asset:
Assets can be deleted two ways:
1. Single delete: Click the delete icon found in the table row on the settings > assets page
2. Bulk Delete: Select the table rows you would like to delete and right click and use to delete bulk action
Asset Setup & Status
The asset setup and status overview helps you see exactly what state your asset is in. The overview is located on the home page and the assets are grouped by scan (schedule) clicking the schedule name will expand to show individual asset statuses clicking each asset status will also provide you with more information about that status.
RedShield consultants and analysts are responsible for setting up your shielded assets and applying their status. Other statuses like vulnerability or scheduling information will be automatically updated from the system.