Attack Surface Management¶
Escape's ASM discovers every internet-exposed asset you own and keeps that inventory live as your estate changes. It maps domains, subdomains, IP ranges, and the services they host, then classifies what it finds so your team can scope DAST and AI Pentesting against real attack surface, not a stale spreadsheet.
What You'll Find Here¶
- Quickstart: seed your first scope and get results in minutes.
- Asset Management: how Escape models Assets, their types, and their lifecycle.
- Scope Management: define what's in and out of your attack surface.
- Network Configuration: rate control and Public Locations for scan traffic.
- Technologies: the frameworks, runtimes, and platforms Escape fingerprints.
- CVE Scanning: surface known vulnerabilities on discovered assets.
- Network Scanning: port and CIDR scanning for services off standard ports.
- Configuration Reference: the full ASM scanner configuration schema.
Why It Matters¶
Shadow APIs, forgotten subdomains, and misrouted services are where breaches hide. ASM closes that gap by finding them before an attacker does, mapping each asset back to the team that owns it, and feeding the result straight into the scanners that test them.
Index¶
- Quick Start
- Asset Management
- Technologies
- Network Configuration
- Shadow API Discovery
- Code Owners and Routing
- Scope Management
- Network Scanning
- CVE Scanning
ASM Integrations¶
- Akamai
- AWS
- Azure
- Bitbucket
- Cloudflare
- GCP
- GitHub
- GitLab
- Kubernetes
- Postman
- Wiz