Skip to main content
IP Address Catalog in AIM

IP Address Catalog Overview

Overview

The IP Catalog aggregates all network IPs discovered via integrated adapters, vulnerability management systems, or external scanners.
It provides deep insights into risk, vulnerability severity, exposure classification, and network ownership. Each IP record represents a monitored endpoint within your ecosystem — whether internal, external, or shadowed — and is automatically correlated with vulnerabilities, ASN, and organization data.

Key Metrics and Analytics

Total IPs

Shows the total number of IP addresses discovered and tracked by AIM.

Vulnerable IPs

Displays IPs associated with one or more active vulnerabilities.

Internal IPs

Indicates assets classified as internal based on network segmentation rules.

Shadowed IPs

Highlights unregistered or unmanaged IPs detected through automated discovery.

Vulnerability Severity Distribution

Breakdown of all IP vulnerabilities by severity — Critical, High, Medium, and Low.

Exposure & ASN Distribution

Visualizes IP exposure (Exposed vs. Safe) and top Autonomous System Numbers (ASNs) for quick network-level analysis.

Search, Filters, and Sorting

The IP catalog provides advanced filtering to help users narrow results and locate high-priority assets.
FilterDescription
OwnersFilter by the person or team responsible for the IP.
RiskFilter or sort based on automated risk score.
ExposureShow IPs classified as Exposed, Not Exposed, or Shadowed.
AdaptersFilter IPs discovered through specific integrations or scanners.
hasVulnsShow only IPs linked to vulnerabilities.
OrganisationsFilter by organization name or ASN.
Date RangeFilter by detection timeline (First/Last Found).
These filters can be combined for detailed analysis of network exposure and risk.

IP Table Columns

Each IP entry displays detailed asset metadata for precise tracking.
ColumnDescription
Asset ValueThe IP address and source details.
LocationCountry, city, and geolocation information.
Vuln CountNumber of vulnerabilities tied to the IP.
ExposureCurrent exposure status (Exposed, Not Exposed, or Shadowed).
Auto RiskSystem-calculated risk score.
Organisation / ASNThe associated organization or network provider.
OwnerAssigned user or team responsible for this IP.
TagsClassification tags like VM, IP, or Internal.
AssociationsConnected assets or relationships within the inventory.
Detected OnTimestamp showing first and most recent detection.

IP Full View

Each IP record in AIM provides complete lifecycle visibility — from discovery to vulnerability correlation and risk scoring.
IP Address Details in AIM

IP Full View

IP Summary

At the top of the page, the summary card displays key asset identifiers:
FieldDescription
IP AddressThe specific IP being analyzed.
StatusIndicates if the IP is active, inactive, or decommissioned.
Total VulnerabilitiesNumber of open issues discovered.
Risk ScoreAutomatically generated score reflecting severity and exposure.
ExposureMarks whether the IP is safe, exposed, or unknown.
EnvironmentClassified environment if detected (e.g., Internal, External).
Managed ByUser or owner assigned to manage the asset.
Detection Timeline“First Found” and “Last Found” dates for tracking changes.

Vulnerability Insights

Vulnerability Trends

Displays how vulnerabilities have evolved over time for the specific IP.
Useful for tracking the impact of patch management and mitigation efforts.

Severity Distribution

Shows vulnerability severity breakdown (Critical, High, Medium, Low) for quick prioritization.
The Vulnerability Table below lists each vulnerability linked to this IP, with details such as:
  • Title
  • Severity
  • State (Resolved / In Review)
  • Detection history
Each entry can be cross-referenced directly within the VM module.

Tags, Technologies, and Open Ports

Tags

Tags categorize IPs based on business or technical context.
Examples include: VM, IP, External, Internal.

Technologies

Displays any technologies identified from associated assets or scans (e.g., Apache, Nginx, SSH).

Open Ports

Shows detected network ports, their protocol, and exposure state.
Used to assess services running on the IP and identify potential risks.

Location Details

The Location Details panel automatically enriches each IP with geolocation and organization intelligence, including:
  • Organisation & ASN
  • Country, City, and Region
  • Timezone & Postal Code
  • Network Segment (if internal classification applies)
These details enable quick attribution and mapping for distributed infrastructures.

Asset Relations

IP Relations Graph in AIM

IP Asset Relations Graph

The Asset Relation Graph maps relationships between IPs, domains, and associated assets, enabling analysts to visualize network context and dependencies.

Ownership & Lifecycle Management

Each IP asset includes full lifecycle controls:
  • Assign Owner – set or change responsible person/team.
  • Decommission Asset – mark inactive or deprecated IPs.
  • Delete Asset – permanently remove invalid or duplicate entries.
All updates synchronize across AIM and connected modules.

How IPs Are Discovered

AIM detects and updates IP assets using various adapters and integrations:
  • VM Adapter – imports IPs linked with vulnerabilities.
  • ASM Adapter – discovers live and shadow IPs from external scans.
  • TechDetect Adapter – identifies IP-level technologies and ports.
These integrations keep the IP inventory up to date with real-time exposure and risk insights.

Example Use Cases

  • Network Security Teams: Identify and prioritize vulnerable or exposed IPs.
  • Asset Managers: Maintain accurate internal vs. external IP segmentation.
  • Incident Responders: Investigate IPs involved in breaches or suspicious activities.
  • Compliance Teams: Audit all active IPs and verify that no shadow assets exist.

Explore Live Demo

Explore AIM Live — No Signup Needed

Instantly explore how Snapsec AIM discovers, enriches, and tracks every asset in real time — all without creating an account.