Glossary

Asset discovery, also known as supply chain discovery, is the process of identifying the IT assets that make up the attack surface, including known and unknown assets, managed and unmanaged assets, as well as vendors’ assets, subsidiaries’ assets, and rogue (malicious) assets. The attack surface constantly expands as business needs change and new assets like systems, devices, and users are added. Therefore, asset discovery must be a continuous process to identify previously unknown and potentially malicious assets, their connections, and how they might impact first-party assets if breached.