Asset Discovery
Overview
The Assets page provides visibility into your organization's external attack surface. Discover domains, subdomains, IP addresses, and web servers.
Asset Types
Domains
Your registered domain names:
- Primary domains (yourcompany.com)
- Product domains
- Marketing domains
- Legacy domains
Subdomains
Discovered subdomains:
- app.yourcompany.com
- api.yourcompany.com
- staging.yourcompany.com
- internal.yourcompany.com
IP Addresses
Associated IP addresses:
- Web servers
- API endpoints
- Mail servers
- DNS servers
Web Servers
Running web services:
- Technologies detected
- Ports open
- Certificates
- Screenshots
Adding Domains
Manual Addition
- Navigate to Infrastructure → Assets
- Click Add Domain
- Enter domain name
- Verify ownership (DNS or file)
- Confirm addition
Domain Verification
Prove domain ownership:
DNS Verification:
Add TXT record: bastion-verify=abc123xyz
File Verification:
Create file: /.well-known/bastion-verify.txt
Content: abc123xyz
Discovery
How Discovery Works
DNS Enumeration
Query DNS records for subdomains.
Certificate Transparency
Search CT logs for issued certificates.
Web Crawling
Follow links to discover related assets.
Port Scanning
Check for open ports and services.
Fingerprinting
Identify technologies and versions.
Discovery Methods
| Method | What It Finds |
|---|---|
| DNS Records | A, AAAA, CNAME, MX, TXT |
| CT Logs | All issued SSL certificates |
| Brute Force | Common subdomain names |
| Historical Data | Previously seen subdomains |
| Web Scraping | Links in web pages |
Running Discovery
- Select domain
- Click Run Discovery
- Choose depth (quick/standard/deep)
- Wait for completion
- Review new findings
Asset Details
Domain Details
Click on a domain to view:
- Registrar information
- DNS records
- SSL certificates
- Associated subdomains
- Historical data
Subdomain Details
For each subdomain:
| Field | Description |
|---|---|
| IP Address | Resolved IP |
| Status | Active/Inactive |
| Technologies | Detected stack |
| Ports | Open ports |
| Last Seen | Recent activity |
| Screenshot | Visual preview |
IP Address Details
For each IP:
- Hosting provider
- Location (geo)
- Open ports
- Associated domains
- Service banners
Screenshots
Automatic Screenshots
Bastion captures screenshots of web assets:
- Homepage appearance
- Visual change detection
- Defacement monitoring
- Content verification
Screenshot Gallery
View all screenshots:
- Go to Assets → Screenshots
- Browse by domain/subdomain
- View current and historical
- Compare changes over time
Technology Detection
Detected Technologies
| Category | Examples |
|---|---|
| Web Server | nginx, Apache, IIS |
| Framework | React, Angular, Django |
| CMS | WordPress, Drupal |
| CDN | Cloudflare, Akamai |
| Analytics | Google Analytics |
| Security | WAF, CAPTCHA |
Why It Matters
Technology detection helps:
- Identify vulnerable versions
- Understand attack surface
- Prioritize patching
- Plan penetration tests
Asset Classification
Status Labels
| Status | Meaning |
|---|---|
| Active | Currently in use |
| Inactive | Not responding |
| Unknown | Needs investigation |
| Excluded | Intentionally ignored |
Classification
Categorize assets:
- Production
- Development
- Staging
- Legacy
- Third-party
Ownership
Assign owners to assets:
- Select asset
- Click Assign Owner
- Select user/team
- Save
Excluding Assets
When to Exclude
Exclude assets that are:
- Not owned by your organization
- Intentionally public
- Known and accepted risks
Creating Exclusions
- Select asset
- Click Exclude
- Provide justification
- Set expiration (optional)
- Confirm
Monitoring
Change Detection
Monitor for changes:
- New subdomains discovered
- IP address changes
- Technology changes
- Certificate expiration
- New open ports
Alerts
Configure alerts for:
| Alert Type | Trigger |
|---|---|
| New Asset | New subdomain discovered |
| High Risk | Critical vulnerability found |
| Change | Configuration changed |
| Certificate | SSL expiring soon |
Reporting
Asset Reports
Generate reports:
- Full asset inventory
- New assets this period
- Asset changes
- Risk summary
Export Formats
- PDF report
- Excel spreadsheet
- CSV data
- JSON export
Best Practices
Regular Discovery
Run discovery regularly. New assets appear as your organization grows.
Verify Unknown Assets
Investigate unknown assets. They may be shadow IT or attacker infrastructure.
Assign Ownership
Every asset should have an owner responsible for its security.
Remove Unused Assets
Decommission unused assets. Forgotten systems are easy targets.