# 6.1 Asset Management

<figure><img src="/files/hGATJRMDgk16hEv2pEDQ" alt=""><figcaption></figcaption></figure>

#### 📖 Overview

The **Asset Management** module is the heart of your external surface visibility. It provides a centralized dashboard that continuously tracks, catalogs, and monitors the digital assets you own — including domains, subdomains, associated technologies, ports, IPs, and metadata.

Whether you're managing a single website or a complex infrastructure with dozens of services, this module gives you the visibility needed to secure your perimeter.

***

#### 📊 What You Can See

**Summary Cards:**

* **Total Asset (Domain)** – Number of discovered domains/subdomains.
* **Technologies** – Total count of unique technologies detected across assets.
* **Critical Vulnerabilities** – How many unresolved, high-risk findings exist.

**Statistics Panels:**

* **Asset Statistics** – Radar chart showing distribution of technologies, ports, and asset counts.
* **Vulnerability Statistics** – Visual classification of detected issues by severity (Critical, High, Medium, Low, Info).

***

#### 🔍 Domain Detail Breakdown

Each domain entry provides a comprehensive technical and security profile. You can expand it to view:

**1. 🌐 General Information**

* IP address & Port
* Protocol used (HTTP/HTTPS)
* ASN & ISP ownership
* Abuse score
* Country and geolocation

**2. 🧩 Technologies**

* CMS platforms (e.g., WordPress, Plesk)
* Libraries and frameworks (Bootstrap, Elementor, Google Fonts)
* Server stack (PHP, MySQL, NGINX)

**3. 🧾 HTTP Headers**

* Full response headers (security headers, cache controls, cookies)

**4. 🔐 SSL Information**

* Certificate issuer, subject, expiration dates, cipher strength
* SSL health based on scan engine (e.g., TLS 1.2, weak ciphers)

**5. 📡 DNS Panel**

* A/AAAA/MX/CNAME/NS/TXT records
* SPF, DKIM, DMARC validation
* DNSSEC validation state and change logs

**6. 🆔 WHOIS Information**

* Domain registrar
* Expiration & creation dates
* Raw WHOIS output

> ✅ This level of insight allows you to monitor your assets not just by IP or hostname, but by actual risk, technology, exposure, and ownership.

***

#### 🔍 Search & Filter

You can search and filter assets by:

* Domain name
* Technology used (e.g., PHP, WordPress, React)
* Open port (e.g., 80, 443)

This helps isolate vulnerable or misconfigured environments, or group assets by technology stack.

***

#### 🔐 Why It Matters

Without visibility, you can't protect what you don't know you have.

The Asset Management module helps:

* Detect shadow IT (unknown domains or services)
* Prevent tech stack sprawl and unmanaged exposure
* Monitor changes in infrastructure over time
* Serve as a foundation for vulnerability assessment

***

#### 🧠 Use Cases

| Use Case                        | Result                                      |
| ------------------------------- | ------------------------------------------- |
| Discover forgotten subdomains   | Avoid exposure of legacy services           |
| Track CMS & plugin usage        | Identify outdated or risky versions         |
| Watch SSL expiration dates      | Avoid certificate downtime or MITM exposure |
| Validate security headers       | Spot missing XSS/CORS/HSTS protections      |
| Map IP and provider attribution | Detect hosting/ISP changes or anomalies     |

***

#### ⚙️ Best Practices

* Run asset discovery scans on a regular schedule (e.g., weekly).
* Review port usage to detect unexpected exposures (e.g., non-standard ports).
* Monitor for newly added technologies that increase your attack surface.
* Combine with Vulnerability Scan (6.3) for actionable insights.

***

> 🎯 ShieldsGuard’s Asset Management doesn’t just give you a list — it builds a living, evolving picture of your digital perimeter. Know your assets. Reduce your risk. Secure with confidence.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.shieldsguard.com/getting-started/6.-asset-management/6.1-asset-management.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.