> ## Documentation Index
> Fetch the complete documentation index at: https://docs.snapsec.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Asset Catalog

> Explore, filter, and manage all discovered external assets with real-time context, signals, and exposure insights.

## Overview

The **Asset Catalog** is your **single source of truth** for everything exposed across your external attack surface.

It provides a **structured, continuously updated inventory** of all discovered assets — enriched with context like **signals, exposure status, technologies, ports, and infrastructure mapping**.

Unlike traditional inventories, this is not just a list — it’s an **interactive system designed for investigation, filtering, and action**.

<Frame caption="Unified asset inventory with filtering, signals, and export capabilities">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/catalog.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=b7d2ad01a46e21856b876881e678f52d" alt="ASM Asset Catalog Overview" width="1896" height="926" data-path="images/asm/catalog.png" />
</Frame>

***

## How It Works

ASM continuously discovers and updates assets using:

* Active scanning (ports, services, web validation)
* Passive intelligence (DNS, CT logs, internet datasets)
* Technology fingerprinting
* Infrastructure mapping

Each asset is:

* **Discovered** → identified from multiple sources
* **Enriched** → tagged with metadata (WAF, ASN, tech stack)
* **Classified** → grouped by type (IP, Subdomain, Port, etc.)
* **Monitored** → updated as changes occur
* **Correlated** → linked to related entities

This creates a **live, queryable map of your attack surface**.

***

## Core Capabilities

### Unified Asset Inventory

All asset types are accessible in one place:

* Subdomains
* Web Servers
* IP Addresses
* DNS Records
* Ports
* Certificates
* Technologies

Each view is optimized for **deep inspection and filtering**, not just visibility.

***

### Filtering & Exploration

Every asset view includes powerful controls:

* Search across assets
* Filters (e.g., **Is New, WAF, Status, Network Scope**)
* Attribute-based filtering (ports, services, DNS class, etc.)
* Reset and quick refinement

This enables teams to:

* Narrow down large datasets instantly
* Investigate specific exposure patterns
* Focus on high-priority segments

***

### Signals Integration

Each asset is mapped with **signals** — indicators of potential risk, anomalies, or findings.

* Signals are visible directly in tables
* Assets with **0 signals are still tracked** (important for baseline visibility)
* Enables quick identification of **active vs clean surface areas**

***

### Export & Reporting

All views support **Export to CSV**, allowing teams to:

* Share data externally
* Perform offline analysis
* Integrate with reporting workflows

<Frame caption="Export asset data for reporting and external analysis">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/export.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=a8c288e1088c2207c2032cc524dc3f0b" alt="Export to CSV feature" width="1611" height="605" data-path="images/asm/export.png" />
</Frame>

***

## Asset Views

Each asset type provides a focused lens into a specific layer of your attack surface.

***

### Subdomains

Subdomains represent your **external entry points**.

<Frame caption="Subdomains with ports, IP mapping, WAF detection, and exposure context">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/subdomains.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=319f41de6ec82c76e94445efd3b97db8" alt="Subdomains View" width="1618" height="606" data-path="images/asm/subdomains.png" />
</Frame>

**Key Insights:**

* Open ports per subdomain
* IP address mappings
* WAF detection (e.g., Cloudflare)
* External exposure classification
* Signal presence

**Why It Matters:**\
Unmanaged or forgotten subdomains are one of the most common attack vectors.

***

### Web Servers

Focuses on **HTTP/HTTPS services and application exposure**.

<Frame caption="Web servers with status codes, detected services, and exposure context">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/webservers.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=1f9fed9b8c4af1c9faf38e6351071c28" alt="Web Servers View" width="1617" height="847" data-path="images/asm/webservers.png" />
</Frame>

**Key Insights:**

* HTTP status codes (200, 403, 418, etc.)
* Detected services (Dozzle, Vercel, etc.)
* Open ports per service
* External exposure visibility

**Why It Matters:**\
This is where attackers interact — APIs, panels, dashboards, and apps.

***

### IP Addresses

Provides a **network-level view** of infrastructure.

<Frame caption="IP addresses with geolocation, ASN, and port exposure">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/ips.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=1236c28ef3fd84483f51413151d7f2a6" alt="IP Addresses View" width="1631" height="750" data-path="images/asm/ips.png" />
</Frame>

**Key Insights:**

* Geolocation and ASN (e.g., AWS, Fastly, Hostinger)
* Open ports per IP
* Network scope (external/internal)
* Infrastructure ownership

**Why It Matters:**\
Helps identify shadow infrastructure and unmanaged cloud assets.

***

### DNS Records

Tracks all DNS-level mappings and configurations.

<Frame caption="DNS records including A, MX, SOA and mapping details">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/dns-records.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=bfa5b8cfe13c7c6a98613cafcf0e10ed" alt="DNS Records View" width="1617" height="846" data-path="images/asm/dns-records.png" />
</Frame>

**Key Insights:**

* Record types (A, CNAME, MX, SOA, etc.)
* Domain ↔ infrastructure relationships
* Detection timestamps
* Signal tracking

**Why It Matters:**\
DNS misconfigurations and dangling records are common exposure points.

***

### Ports

Highlights **network exposure and service-level access**.

<Frame caption="Ports with service detection, status, and exposure scope">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/ports.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=d44518d5b9e9720796af8f43032d57d5" alt="Ports View" width="1605" height="841" data-path="images/asm/ports.png" />
</Frame>

**Key Insights:**

* Open ports and services (HTTP, HTTPS, etc.)
* Service versions (if detected)
* External vs internal exposure
* Detection timestamps

**Why It Matters:**\
Unexpected open ports often indicate misconfigurations or attack surface expansion.

***

### Certificates

Tracks SSL/TLS posture across assets.

<Frame caption="Certificates with validity, expiration, and risk indicators">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/certificates.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=710fa45ba7b3c5e5b780597613976845" alt="Certificates View" width="1627" height="811" data-path="images/asm/certificates.png" />
</Frame>

**Key Insights:**

* Valid, expired, and at-risk certificates
* Expiry timelines
* Domain associations
* Signal indicators

**Why It Matters:**\
Certificate issues can indicate neglected assets or cause service disruptions.

***

### Technologies

Provides a **high-level inventory of detected technologies**.

<Frame caption="Technology catalog with categorized frameworks, CDNs, and services">
  <img src="https://mintcdn.com/snapsec-23724fa2/ac3f7iqyUUP8EAve/images/asm/technologies.png?fit=max&auto=format&n=ac3f7iqyUUP8EAve&q=85&s=f94a7ff608fe3effa546d99cbe7ec2cd" alt="Technologies View" width="1615" height="851" data-path="images/asm/technologies.png" />
</Frame>

**Key Insights:**

* Frameworks (React, Next.js)
* Infrastructure (Nginx, Cloudflare, Netlify, Vercel)
* Categories (CDN, Analytics, Security, etc.)
* Asset-level mapping

**Why It Matters:**

* Detect outdated or vulnerable stacks
* Identify unauthorized technologies
* Understand platform usage across teams

***

## Correlation Across Assets

The real power of the catalog lies in **relationships**:

* Subdomain → IP → Ports → Web Server
* DNS → Infrastructure → Exposure
* Technology → Service → Risk signals

This allows teams to:

* Trace issues across layers
* Perform faster root cause analysis
* Understand full exposure context

***

## Continuous Updates

The catalog is **always live**:

* New assets are discovered automatically
* Changes are reflected in near real-time
* Signals update dynamically

This ensures your visibility is always aligned with your **actual attack surface**.

***

## Why This Matters

* **Complete Visibility** — No blind spots across external assets
* **Actionable Context** — Signals + metadata in one place
* **Faster Investigations** — Correlated asset relationships
* **Operational Efficiency** — Filter, export, and act instantly
* **Reduced Risk** — Identify exposure before exploitation

***

## Explore Live Demo

<Card title="Explore ASM Live — No Signup Needed" icon="wand-magic-sparkles" href="https://suite.snapsec.co/demo">
  Experience how ASM provides real-time asset discovery, enrichment, and visibility across your entire attack surface.
</Card>
