Understanding mapping

The purpose of mapping is to check and modify the company's analysis perimeter. Before setting up the mapping, it is necessary to understand how it works.

Understanding how to choose the right assets (example)

 

To understand which assets to capture, start from how DNS works. The DNS infrastructure is a "tree" that links domain names to the IP addresses of devices on the Internet.

The Security Rating® uses DNS records to identify a portion of the assets of the company being rated. Therefore, the choice of the domain entered is crucial and determines the completeness of the assets discovered.

 


 

Meaning of mapping TAGS

 

Please note:
Starting June 1, all mapping on the old system will be automatically migrated to the new system.
Some mapping tags will also change.

Excluded from the scope of evaluation:

Disabled

The asset does not belong to the company being rated, or the asset has been decommissioned from the information system. This asset will not have any impact on the rating and will be ignored.

Shared/Hosted asset/ Mutualized

The asset is not under the exclusive control of the customer; it is hosted on a server alongside assets belonging to other companies. This asset will not have any impact on the rating and will be ignored.

Included in the scope of evaluation:

A

The resource is a domain referenced by an A record.

CNAME

A canonical name record that associates an alias name with the real domain name. The asset may be detected as shared, but the user has forced it to be treated as their own and evaluated.

DNS Zone

The DNS zone that hosts the DNS records of the domain.

Internal redirection

The resource is a URL that redirects to a URL on the same site (https://example.com/ redirects to https://example.com/home.html) => Evaluated

Email

The resource is a domain referenced by an MX record => Mail Server

MX

The resource is a domain referenced by an MX record

NS

The resource is a domain referenced by an NS record

Potentially shared/Hosted asset

Asset hosted by a cloud provider, where it is not known whether it is assigned exclusively to the customer.

Private (not evaluated)

The asset is a private IP address => Not evaluated

PTR

The asset is an IP address that has a PTR record

Redirection

URL redirected to another site => Not evaluated

Root Domain

Recognized as a root domain

RPLB

The asset is an IP address suspected of being a reverse proxy or load balancer.

RPLB exclusion

When a reverse proxy or load balancer is detected, the tool automatically excludes it from the scope. This tag forces the tool to include the resource in the scope.

Scope

Asset defined by the user as the initial scope from which the mapping starts.

SUB

The asset is a subdomain

TXT

Domain with TXT record

WEB

The asset is a URL (http://..., https://....)
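
To review a mapping against these definitions, the sketch below applies the WEB, Internal redirection, Redirection, Private, Root Domain and SUB rules to a constructed inventory. It is an added example, not the product's own logic; the function and parameter names are hypothetical, and it assumes "same site" means the same hostname and "private" means the RFC 1918 ranges.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: "private IP address" means the RFC 1918 ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Tags the page marks as "Not evaluated".
NOT_EVALUATED = {"Private (not evaluated)", "Redirection"}

def classify(asset, root_domain, redirect_to=None):
    """Return the list of tags for one asset (URL, IP address or domain name).

    root_domain is the domain entered as scope; redirect_to is the URL the
    asset redirects to, if any. Both parameter names are hypothetical.
    """
    if asset.startswith(("http://", "https://")):
        tags = ["WEB"]
        if redirect_to:
            # Assumption: "same site" means the same hostname.
            same = urlsplit(asset).hostname == urlsplit(redirect_to).hostname
            tags.append("Internal redirection" if same else "Redirection")
        return tags
    try:
        ip = ipaddress.ip_address(asset)
    except ValueError:
        ip = None  # not an IP address, so treat it as a domain name
    if ip is not None:
        private = any(ip in net for net in RFC1918)
        return ["Private (not evaluated)"] if private else []
    name = asset.rstrip(".").lower()
    if name == root_domain:
        return ["Root Domain"]
    if name.endswith("." + root_domain):
        return ["SUB"]
    return []  # unrelated name: no tag from these rules

def is_evaluated(tags):
    """False when any tag excludes the asset from the rating."""
    return not NOT_EVALUATED.intersection(tags)

if __name__ == "__main__":
    # Constructed inventory: (asset, redirect target or None).
    inventory = [("https://example.com/", "https://example.com/home.html"),
                 ("https://example.com/", "https://example.net/"),
                 ("10.0.0.5", None), ("www.example.com", None)]
    for asset, target in inventory:
        tags = classify(asset, "example.com", target)
        print(asset, tags, "evaluated" if is_evaluated(tags) else "not evaluated")
```

Python's built-in is_private attribute also covers documentation and other reserved ranges, which is why the RFC 1918 networks are listed explicitly here.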