Articles
Go back to application
Articles
Go back to application
Platform Fundamentals
Getting Started
Account Management
User Management
AI
AI Overview
AI Inbox
AI Agents
Knowledge Base
Schedules
Human in the Loop
Workspaces Templates
Running a pentest from a templateWeb Application PentestNetwork External PentestNetwork Internal PentestAPI Security TestingCreating a Blank WorkspaceCode Review Assessment via TemplateThreat Modeling TemplateActive Directory Pentest TemplateAttack Surface Monitoring Template
Logs
AI Pentest
Getting started
Workspaces
Configuration
Operations
Asset Management
Asset Basics
Assets Operations
Asset Customization
Vulnerability Management
Vulnerability Basics
Vulnerability Operations
Vulnerability Organization
Integrations & Connectors
Credential Management
Connector Setup
Synchronization
Scanning and Assesssment
Scanning Operations
Security Analysis
Workflow Configuration
Engagemet Management
Enagagement Basic
Enagagement Operations
Workbook
Pentesting as a Service
PTaaS Basics
Vulnerability Submission
Task Management
Task Basics
Task Automation
Reporting and Documentation
Reports
Documentation
Attack Surface Management
Strobes Attack Surface Management (ASM)

Attack Surface Monitoring Template

The Attack Surface Monitoring template helps organizations continuously discover, inventory, and monitor internet-facing assets. The assessment identifies exposed services, subdomains, technologies, and potential security risks across your external attack surface.

The template is designed for continuous monitoring and can automatically detect newly exposed assets and changes to your external footprint.

Accessing the Attack Surface Monitoring Template

  1. Navigate to AI from the main navigation menu.
  2. Click Workspaces.
  3. Select New Workspace.

Step 1: Select the Attack Surface Monitoring Template

  1. Browse the available assessment templates.
  2. Locate Attack Surface Monitoring.
  3. Click the template card to review the assessment details.

What the Assessment Covers

The assessment typically performs:

  • Subdomain discovery
  • DNS enumeration
  • Internet-facing asset discovery
  • Service identification
  • Technology fingerprinting
  • Exposure monitoring
  • Continuous attack surface tracking

Deliverables

The assessment generates:

  • Asset Inventory
  • Discovered Subdomains
  • Exposed Services
  • Technology Mapping
  • Security Findings
  • Exposure Reports
  1. Click Use this Template.

Step 2: Enter the Workspace Name

After selecting the template, the wizard moves to the Scope stage.

  1. Locate the Workspace Name field.
  2. Enter a descriptive name for the monitoring workspace.

Using a meaningful workspace name helps identify monitoring activities across multiple environments.

Step 3: Enter the Root Domain

The Root Domain is the primary domain that will be monitored.

  1. Locate the Root Domain field.
  2. Enter the organization's primary domain.

The platform uses this domain as the starting point for discovering external assets and subdomains.

Step 4: Select Credentials (Optional)

Credentials can be used to enhance discovery and provide additional context during monitoring.

  1. Review the available credentials.
  2. Select any credentials relevant to the target organization.

Providing credentials may improve asset discovery and validation capabilities.

Step 5: Proceed to Configuration

After completing the scope details:

  1. Verify the workspace name.
  2. Confirm the root domain.
  3. Review any selected credentials.
  4. Click Next.

The wizard opens the Configure page.

Step 6: Select an AI Model

The AI Model determines the reasoning engine used during asset analysis and risk evaluation.

  1. Open the Model dropdown.
  2. Review the available models.
  3. Select the model that best fits your monitoring requirements.

Step 7: Configure the Shell Environment

The Shell Environment defines where the AI agent executes monitoring activities.

  1. Open the Shell Environment dropdown.
  2. Select the desired environment.

The selected environment determines how the assessment performs discovery and analysis activities.

Step 8: Configure the Browser Environment

The Browser Environment enables web-based discovery and validation activities.

  1. Open the Browser dropdown.
  2. Select the preferred browser environment.

The browser environment assists with web asset validation and exposure analysis.

Step 9: Configure the Monitoring Schedule

Select how frequently the attack surface should be monitored.

Daily Monitoring

Daily discovery scans detect:

  • New subdomains
  • Newly exposed services
  • Changes to internet-facing assets

This option is recommended for most organizations.

Weekly Deep Scan

Weekly deep scans perform:

  • Comprehensive asset discovery
  • Extended enumeration
  • Broader service analysis

One-Time Discovery

Creates an initial attack surface baseline without recurring monitoring.

Use this option when:

  • Performing an initial assessment
  • Creating an asset inventory
  • Conducting a point-in-time review
  1. Select the preferred schedule.
  2. Review the execution frequency.

Step 10: Select an Execution Mode

Choose how the AI agent progresses through the monitoring workflow.

Autonomous

The AI agent automatically completes all phases without requiring approval.

Recommended for:

  • Continuous monitoring
  • Automated discovery
  • Recurring assessments

Human-in-the-Loop

The AI pauses at defined checkpoints and waits for user approval before continuing.

Recommended for:

  • Controlled execution
  • Manual validation
  • Sensitive environments
  1. Select the desired execution mode.
  2. Review the workflow behavior.

Step 11: Configure Auto-Remediation (Optional)

Auto-remediation can automatically generate remediation actions when supported.

  1. Locate the Auto-remediation setting.
  2. Enable or disable the toggle as required.

When enabled, the platform may generate remediation recommendations and workflows for identified issues.

Step 12: Review the Assessment Configuration

After completing the configuration, click Review.

The Review page displays:

Workspace Details

  • Workspace Name
  • Selected Template

Scope Details

  • Root Domain
  • Selected Credentials

Configuration

  • AI Model
  • Shell Environment
  • Browser Environment

Monitoring Settings

  • Schedule
  • Execution Mode
  • Auto-remediation Status

Carefully verify all settings before launching the monitoring workspace.

Step 13: Launch the Monitoring Workspace

Once all settings have been reviewed:

  1. Click Create & Launch.
  2. The workspace is created.
  3. Monitoring begins according to the selected schedule.

The platform will continuously:

  • Discover new assets
  • Monitor subdomains
  • Identify exposed services
  • Detect attack surface changes
  • Generate findings and recommendations

Notes

  • Ensure the root domain is entered correctly before launching the assessment.
  • Daily Monitoring is recommended for organizations with frequently changing infrastructure.
  • Weekly Deep Scans provide broader visibility across external assets.
  • Human-in-the-Loop mode offers additional control over monitoring workflows.
  • Auto-remediation should be reviewed before enabling in production environments.


Was this article helpful?

Powered by Product Fruits