Explore Your Attack Surface

Your attack surface is composed of assets, identities, and any externally accessible IP addresses, domains, network services, or certificates. For more information on these concepts, refer to Surface Command Overview. The Attack Surface > Overview page in the Command Platform provides a quick summary of your entire attack surface. After setting up essential Connectors and your External Attack Surface, the Attack Surface Overview offers the best view of coverage and insights for your Attack Surface. Rapid7 organizes the dashboard into the following distinct areas:

  • Assets and Identities: Assets can be either on-premise (servers, laptops) or cloud (EC2 instance, Azure VM) and are identified as such by Surface Command Connectors. Identities, such as users or roles, are also identified by Surface Command Connectors. Data related to assets and identities is surfaced using Surface Command queries or dashboards. Click any of the asset or identity counts to begin exploring the relevant data in Surface Command. Review Internal attack surface for more details.
  • Priority Actions: Priority Actions correlate to the actions Rapid7 suggests you prioritize to improve Your Security Program the most. Click any of the cards in this section to begin exploring pre-made filters in Surface Command. Review Explore assets and identities for more details.
  • External Attack Surface: Data related to external assets comes directly from the External Attack Surface page. Review External attack surface for more details.

Looking to start exploring your attack surface quickly?

The quickest way to get data on this dashboard is to follow the Quick Start Guide.