Asset Types and Formats
This topic describes the asset types that you can add and the accepted sectors and locations to use when formatting assets.
Tip : The quality of threats and alerts is directly related to the defined assets; more defined assets will yield more complete and higher quality threats and alerts.
The following table describes the assets that can be configured. Values are not case-sensitive unless specified as such in the Formatting column.
|Company names||The organization’s official name and names of subsidiaries. This includes commonly used short names, nicknames, product names, names for a range of products, and company trademarks.||Nike, Microsoft|
|Domains||Public domains owned by the company and/or those that serve its mail servers and email addresses.||[company].com or [company].net|
|Brand names||A name to a trademark, or alternatively to a line of products, that was given by the legal owner of these assets.||Coca-Cola, Pepsi|
|Mobile & browser apps||Links to the official application in mobile app stores and browser app stores.||https://play.google.com/store/apps/details?id=company||Most parts of the URL are case-sensitive; only the scheme/protocol (e.g. http://) and the host (e.g. facebook.com) are not. Trailing slashes are permitted.|
|Social media official pages||Links to the official company pages and profiles in social media. This asset helps the system to locate fake pages.||https://www.facebook.com/rapid7, https://www.instagram.com/rapid7, https://www.linkedin.com/company/rapid7||Most parts of the URL are case-sensitive; only the scheme/protocol (e.g. http://) and the host (e.g. facebook.com) are not. Trailing slashes are permitted.|
|External IP addresses||The range of external IP addresses that serve your organization.||18.104.22.168, 22.214.171.124/24.||Do not provide internal IP addresses (such as 10.0.0.1, 192.168.2.34, 172.16.0.1). IP ranges that contain more than 256 addresses must be split or receive special approval. To use subnet masks smaller than x.x.x.x/24, contactCustomer Support.|
|Login pages||URLs of official login pages. These assets help the system find leaked credentials and phishing webpages.||Most parts of the URL are case-sensitive; only the scheme/protocol (e.g. http://) and the host (e.g. facebook.com) are not. Trailing slashes are permitted.|
|Technologies in use||Products, hardware, or software that are used in the organization. These assets help find published vulnerabilities about company technologies. You can add multiple naming schemes (CPEs) at once, as described in The "Technologies in use" asset (or in (doc:configuring-assets#the-technologies-in-use-assets) for the deprecated Assets page.||Google Chrome 10.0.603.0, Alcatel Adsl Modem 1000||Values are case-sensitive.|
|DLP indicators||Data Loss Prevention indicator strings are UNIQUE company DLP that mark internal company documents. This helps identify leaked documents to make threat and alert notifications more relevant. For more information, see Data Leakage.||“[Company] confidential”, “Property of [Company]”, “Classification level - [Company]”).||Values are case-sensitive.|
Not simply the word "confidential" or "classified," DLP should include a string with a company or brand name or a unique string known within your company.
|Secret projects||In-house technologies and project names. These assets help the system identify leakage of sensitive company information.||Tell Nobody XYZ, Secret Plans Eagle|
|VIP names||Names of company VIPs or other personnel who possess sensitive data (e.g., other executives, IT personnel)||John Doe, Jane Doe|
|VIP emails||Email addresses of company VIPs or other personnel who possess sensitive data (e.g., other executives, IT personnel)||firstname.lastname@example.org, email@example.com|
|Countries of activity||Countries where the organization headquarters and branch offices are located. These assets help the system find alerts relevant to the company's geographic areas of activity.||See theaccepted country values.|
|Sectors||Sectors in which the company operates. These assets help the system find alerts relevant to the organization’s sector.||Values are case-sensitive. See the accepted sector values.|
|BIN numbers||The bank identification number (BIN), the initial four to six numbers of a credit card, indicates the institution that issued the credit card. BIN is primarily used to match between the transaction and the person or company that supplies something.|
|Routing numbers||The bank routing number or routing transit number (RTN) is a nine-digit code used to identify financial institutions in a transaction. Most common transaction types where routing numbers are used are ACH and wire transfers.|
|SWIFT codes||The SWIFT (or BIC) code contains 8 or 11 alphanumeric characters that represent international banking numbers used for international transactions.||Values are case-sensitive.|
|Public repositories||The URL of a repository to check for leaked secrets. Use the URL of the specific repository to be covered (not the "organization" page that may include nested repositories).||https://github.com/Intsights/taco orhttp://gitlab.com/intsightshttp://gitlab.com/intsights/tortilla||Most parts of the URL are case-sensitive; only the scheme/protocol (e.g. http://) and the host (e.g. facebook.com) are not. Trailing slashes are permitted.|
Note: github.com/Intsights is not a valid asset, as it refers to an account overview and not a repository.
|Public repository queries||Unique, high-indication, exact strings that will help to target repositories connected to your business.|
Common uses: internal server names, AD path, subdomains (not SMTP mail domains), company GIT, package names, etc.
|· AD path "dc=aryp,dc=com"|
· Subdomains esi.aryp.com
· Company GIT "git.newegle"
· Package name or package name query "com.kioup.dc.function.core.model.SearchResult" or ".com.ritnyl" AND "apikey"
|Values are case-sensitive.|
All searches are considered to be exact, as if the search term is surrounded by apostrophes. You can use the AND (uppercase) operator to combine multiple exact terms.
|Code mentions||A phrase, keyword, or complex expression that, when found in code outside of a company repository, can indicate code leakage or unauthorized use of a company asset. Every found mention of the listed phrase will be displayed as anAsset Mentionsthreat.||"PyRepScan" describes an internal library that is specific to Rapid7.|
intsights.com AND <password>
|Any word or phrase that is relevant to company code. This can also be a word that describes a component within the code. Values are case-sensitive.|
For most accurate results, every phrase is searched for an exact match.
To search for more than one phrase, use the AND operator between the phrases.
|Custom Queries||Keywords (max: 5) that indicate interesting cyberintelligence content.||gasoline, gasoline AND unleaded, "unleaded gasoline"||Values are case-sensitive.|
To find a combination, separate the keywords by a space and the word AND (uppercase). To match an exact phrase, surround it with apostrophes. Special characters will be automatically escaped. For example, the phrase New-York will be translated to New-York.
|Black list||Words or expressions that typically appear on web pages that contain irrelevant content.||media only, advertisement|
|Patent drugs||A medication that is sold under a brand name by which the clinicians can prescribe it. The medication is covered under patent protection.|
|Brand name drugs||A medication that is sold under a brand name by which the clinicians can prescribe it.||Viagra|
Accepted location values
This section lists the accepted location values.
|Afghanistan||Cayman Islands||Gibraltar||Libyan Arab Jamahiriya||Oman||South Sudan|
|Åland Islands||Central African Republic||Greece||Liechtenstein||Pakistan||Spain|
|Algeria||Chile||Grenada||Luxembourg||Palestine, State of||Sudan|
|Andorra||Christmas Island||Guam||Macedonia, The Former Yugoslav Republic of||Papua New Guinea||Svalbard and Jan Mayen|
|Angola||Cocos (Keeling) Islands||Guatemala||Madagascar||Paraguay||Swaziland|
|Antigua and Barbuda||Congo||Guinea-Bissau||Maldives||Pitcairn||Syrian Arab Republic|
|Argentina||Congo, The Democratic Republic of the||Guyana||Mali||Poland||Taiwan|
|Aruba||Costa Rica||Heard Island and Mcdonald Islands||Marshall Islands||Puerto Rico||Tanzania, United Republic of|
|Australia||Croatia||Holy See (Vatican City State)||Martinique||Qatar||Thailand|
|Bangladesh||Denmark||India||Micronesia, Federated States of||Saint Barthélemy||Trinidad and Tobago|
|Barbados||Djibouti||Indonesia||Moldova, Republic of||Saint Helena||Tunisia|
|Belarus||Dominica||Iran, Islamic Republic Of||Monaco||Saint Kitts and Nevis||Turkey|
|Belgium||Dominican Republic||Iraq||Mongolia||Saint Lucia||Turkmenistan|
|Belize||Ecuador||Ireland||Montenegro||Saint Martin (French part)||Turks and Caicos Islands|
|Benin||Egypt||Isle of Man||Montserrat||Saint Pierre and Miquelon||Tuvalu|
|Bermuda||El Salvador||Israel||Morocco||Saint Vincent and the Grenadines||Uganda|
|Bolivia||Eritrea||Jamaica||Myanmar||San Marino||United Arab Emirates|
|Bonaire, Sint Eustatius and Saba||Estonia||Japan||Namibia||Sao Tome and Principe||United Kingdom|
|Bosnia and Herzegovina||Ethiopia||Jersey||Nauru||Saudi Arabia||United States|
|Botswana||Falkland Islands (Malvinas)||Jordan||Nepal||Senegal||United States Minor Outlying Islands|
|Bouvet Island||Faroe Islands||Kazakhstan||Netherlands||Serbia||Uruguay|
|British Indian Ocean Territory||Finland||Kiribati||New Caledonia||Sierra Leone||Vanuatu|
|Brunei Darussalam||France||Korea, Republic of||New Zealand||Singapore||Venezuela|
|Bulgaria||French Guiana||Kosovo||Nicaragua||Sint Maarten (Dutch part)||Vietnam|
|Burkina Faso||French Southern Territories||Kuwait||Niger||Slovakia||Virgin Islands, British|
|Burundi||Gabon||Kyrgyzstan||Nigeria||Slovenia||Virgin Islands, U.S.|
|Cambodia||Gambia||Latvia||Niue||Solomon Islands||Wallis and Futuna|
|Cameroon||Georgia||Lebanon||Norfolk Island||Somalia||Western Sahara|
|Canada||Germany||Lesotho||Northern Mariana Islands||South Africa||Yemen|
|Cape Verde||Ghana||Liberia||Norway||South Georgia and the South Sandwich Islands||Zambia|
Accepted sector values
This section lists the accepted sector values (case-sensitive).
|Advertising||Consumer Durables||Food & Beverage||Investment||Publishing|
|Aerospace/Defense||Consumer Non-Durables||Gaming||Law Enforcement||Real Estate|
|Automotive||Diversified Services||Health Services||Major Corporations||Retail|
|Banking||Education||Hotels, Restaurants & Leisure||Manufacturing||Sport|
|Casino||Electronics||Human Resources Departments||Materials & Construction||Technology|
|Computer Hardware||Entertainment||Information services||Metals & Mining||Tobacco|
|Computer Software & Services||Financial Services||Insurance||Non-Profit||Transportation|