What is an asset?
An asset is a digital inventory of your organization with which you provide various kinds of IT services to your customers or internal employees. This could be your:
- Web applications
- Code repositories
- API services
- Mobile applications
- Network hosts
- Container images
- Cloud environments
Business sensitivity can be defined as the importance of the asset to the business. In Strobes, every asset is expected to be classified with business sensitivity. The scale of business sensitivity is as follows:
You can classify all of your assets that provide your core business services and carry sensitive information such as transactional information, PII data, etc. as Critical and High assets. Other supporting assets such as employee machines, static websites, etc. can be classified under Medium, Low, or None as per the business need.
In case if you are importing assets or vulnerabilities via CSV or other XML-based report import connectors, by default the platform will assume the assets' Business Sensitivity is None.
The Business Sensitivity parameter plays a key role in helping the Strobes prioritization engine associate the business context to the vulnerabilities.
Asset Exposure can be defined as whether an asset is publicly accessed or restricted for internal usage.
In Strobes, you are required to provide this parameter for each asset. The options include:
In case if you are importing assets or vulnerabilities via CSV or other XML-based report import connectors, by default the platform will assume the assets to be Public.
This parameter helps the Strobes prioritization engine associate the asset context to the vulnerabilities. To learn more about how prioritization works, please refer to the Resources section.
For better asset management, Strobes allows you to add tags to the assets. You can add tags either from the View Asset page or while adding the asset manually.