6.1 Asset Management

📖 Overview

The Asset Management module is the heart of your external surface visibility. It provides a centralized dashboard that continuously tracks, catalogs, and monitors the digital assets you own — including domains, subdomains, associated technologies, ports, IPs, and metadata.

Whether you're managing a single website or a complex infrastructure with dozens of services, this module gives you the visibility needed to secure your perimeter.

📊 What You Can See

Summary Cards:

  • Total Asset (Domain) – Number of discovered domains/subdomains.

  • Technologies – Total count of unique technologies detected across assets.

  • Critical Vulnerabilities – How many unresolved, high-risk findings exist.

Statistics Panels:

  • Asset Statistics – Radar chart showing distribution of technologies, ports, and asset counts.

  • Vulnerability Statistics – Visual classification of detected issues by severity (Critical, High, Medium, Low, Info).

🔍 Domain Detail Breakdown

Each domain entry provides a comprehensive technical and security profile. You can expand it to view:

1. 🌐 General Information

  • IP address & Port

  • Protocol used (HTTP/HTTPS)

  • ASN & ISP ownership

  • Abuse score

  • Country and geolocation

2. 🧩 Technologies

  • CMS platforms (e.g., WordPress, Plesk)

  • Libraries and frameworks (Bootstrap, Elementor, Google Fonts)

  • Server stack (PHP, MySQL, NGINX)

3. 🧾 HTTP Headers

  • Full response headers (security headers, cache controls, cookies)

4. 🔐 SSL Information

  • Certificate issuer, subject, expiration dates, cipher strength

  • SSL health based on scan engine (e.g., TLS 1.2, weak ciphers)

5. 📡 DNS Panel

  • A/AAAA/MX/CNAME/NS/TXT records

  • SPF, DKIM, DMARC validation

  • DNSSEC validation state and change logs

6. 🆔 WHOIS Information

  • Domain registrar

  • Expiration & creation dates

  • Raw WHOIS output

✅ This level of insight allows you to monitor your assets not just by IP or hostname, but by actual risk, technology, exposure, and ownership.

🔍 Search & Filter

You can search and filter assets by:

  • Domain name

  • Technology used (e.g., PHP, WordPress, React)

  • Open port (e.g., 80, 443)

This helps isolate vulnerable or misconfigured environments, or group assets by technology stack.

🔐 Why It Matters

Without visibility, you can't protect what you don't know you have.

The Asset Management module helps:

  • Detect shadow IT (unknown domains or services)

  • Prevent tech stack sprawl and unmanaged exposure

  • Monitor changes in infrastructure over time

  • Serve as a foundation for vulnerability assessment

🧠 Use Cases

Use Case
Result

Discover forgotten subdomains

Avoid exposure of legacy services

Track CMS & plugin usage

Identify outdated or risky versions

Watch SSL expiration dates

Avoid certificate downtime or MITM exposure

Validate security headers

Spot missing XSS/CORS/HSTS protections

Map IP and provider attribution

Detect hosting/ISP changes or anomalies

⚙️ Best Practices

  • Run asset discovery scans on a regular schedule (e.g., weekly).

  • Review port usage to detect unexpected exposures (e.g., non-standard ports).

  • Monitor for newly added technologies that increase your attack surface.

  • Combine with Vulnerability Scan (6.3) for actionable insights.

🎯 ShieldsGuard’s Asset Management doesn’t just give you a list — it builds a living, evolving picture of your digital perimeter. Know your assets. Reduce your risk. Secure with confidence.

Previous6. Asset ManagementNext6.2 Network Topology

Last updated