AI Agent Attack Surface Discovery
Attack surface discovery is a critical component of modern cybersecurity. It involves identifying, monitoring, and assessing all possible entry points (assets) in an organization’s infrastructure that could be exploited by an attacker. Leveraging AI in this process can revolutionize how organizations manage and mitigate risks by automating traditionally manual, time-intensive tasks and providing intelligent insights for decision-making.
Explore how to automate the attack surface discovery using AI with Ostorlab.
Go to report.ostorlab.co
1. Go to the Attack Surface dropdown
2. Select Discovery
If you have attack surface already configured on your organisation skip to the 7th step Expand Scope
3. Enter your prompt
Enter a prompt that uniquely identifies your organization, such as the full name, commonly used abbreviations, brand keywords, industry type, or any distinguishing attributes that can help pinpoint your organization among others.
4. Start The discovery
5. Select your assets
Select the domains you would like to include
6. Click "Confirm"
And then click confirm. this will add the assets as confirmed, and they will be scanned as part of the attack surface discovery.
After that, you will be re-directed to the AttackSurface page and a graph of your assets will be rendered.
7. Expand Scope to include new Organisations
If you would like expand the scope by discovering new organizations go to the AI Agents section in the Attack Surface dropdown.
8. Enter your Prompt
Provide a new prompt to identify the additional organization you want to include in your scope.
9. Confirm the Assets
After that, you'll notice that the new assets are added to your inventory and Attack Surface graph.
Note that the confirmation and rejection of discovered assets is also handled by AI.
To inspect the reasoning behind the AI decision, go to the asset you would like to inspect.
There, in the note field you'll have a detailed explanation as to why the AI decided to reject or confirm the asset.
This guide demonstrated using the platform's AI-powered Attack Surface automation. It covered steps to discover assets using AI.