SAFE categorizes your organization's digital footprint into distinct attack surfaces to provide better visibility and risk assessment. Below is a summary of each attack surface category:
Attack Surface | Description |
|---|---|
Endpoint | Covers user workstations including Windows, Linux, macOS, and other operating systems. |
Server | Includes application, web, and database servers running on Windows, Linux, Hypervisors, and more. |
SaaS | Represents all Software-as-a-Service (SaaS) applications managed by third-party vendors. |
Application | Includes Web Applications, Mobile Applications, APIs, Thick Clients, Containers, and other custom-built applications. |
Storage | Covers storage assets such as Databases, Media Tapes, NAS Servers, and similar devices. |
Cloud | Includes assets hosted on public cloud platforms such as AWS, Azure, and Google Cloud Platform (GCP). |
Network | Comprises network infrastructure like Routers, Switches, Firewalls, and related devices. |
People | Includes digital identities such as End Users, Service Accounts, and Cloud IAM Users. |
Third-Party | Refers to all third-party entities onboarded in SAFE. Note: Currently supported only under the “No Asset Group.” |
Perimeter Services | Assets discovered through SAFE’s outside-in scanning, including Domains and IP Addresses. |
Others | Assets that do not automatically fit into other categories are grouped here by default. |
IoT | Internet of Things devices such as IP Cameras, Smart Lighting, TVs, etc. Note: Asset discovery is limited to what is supported by Armis. |
OT | Operational Technology assets including Pneumatic Tube Systems, MRIs, HVACs, Industrial Robots, etc. Note: Discovery based on Armis-supported types. |
AI System | AI infrastructure components such as Training Data Repositories, Inference Engines, and other AI subsystems. |