External-facing asset
An external-facing asset is an asset that can be accessed from outside the organization. For example, it can be open to the internet, providing content to anonymous users, internal employees, and business partners. An external-facing asset can also enable users to self-register in order to access additional content.
Creating the external-facing tag
The Vulcan Cyber ExposureOS platform creates the tag automatically once it identifies an external-facing asset. Assets are tagged "External Facing" if one or more of the following conditions are met:
The asset's security group allows inbound connections on the AWS side.
The IP address of the asset is external-facing.
The asset is connected to an ELB on the AWS side, and the status of the Load Balancer is "Active".
When your Vulcan Cyber ExposureOS platform identifies external-facing assets, the tag becomes available at:
Assets > Asset Tags > External Facing
View the conditions that make up the external-facing tag
Click the "External Facing" tag to view the default conditions as set by Vulcan Cyber ExposureOS (these are shown if you have not already changed the default conditions).
Once you open the tag, you can view:
(a) The default criteria as set by Vulcan Cyber ExposureOS
(b) The assets that match the defined conditions
The default conditions are:
External Facing by IP
OR External Facing by ELB
OR External Facing by Security Group
What are your options here?
Keep the default conditions as is.
Override the default conditions.
Create a new External Facing tag with your customized conditions in addition to the default one.
Create a customized external-facing tag
You can create and set your own conditions for an External Facing tag, as well as edit its name and impact score.
Go to Assets
In the right pane, click Asset Tags > +Create Asset Tag.
Fill in the asset tag details, such as name and impact. If needed, enable the relevant toggles, just like when creating any other asset tag.
When setting the External-Facing asset tag condition, make sure that at least the following condition is set:
Where > Assets > External Facing > is > Security Group and/or IP and/or ELB.
Security Group: The asset's security group allows inbound connections on the AWS side.
External Load Balancer (ELB): The asset is connected to an ELB on the AWS side, and the status of the finding (instance) the ELB points to is "InService".
IP: Selecting this condition means that the Vulcan Cyber ExposureOS platform scans the IP addresses of assets to find the external-facing IP addresses. The scanner disregards internal IP addresses. The internal IP ranges mainly include:
Range from 10.0.0.0 to 10.255.255.255 — a 10.0.0.0 network with a 255.0.0.0 or an /8 (8-bit) mask
Range from 172.16.0.0 to 172.31.255.255 — a 172.16.0.0 network with a 255.240.0.0 (12-bit) mask
Range from 192.168.0.0 to 192.168.255.255 — a 192.168.0.0 network with a 255.255.0.0 (16-bit) mask
Range from 169.254.0.0 to 169.254.255.254 — a 169.254.0.0 network with a 255.255.0.0 (16-bit) mask
Range from 127.0.0.0 to 127.255.255.254 — a 127.0.0.0 network with a 255.0.0.0 (8-bit) mask
Your newly created External Facing tag will appear under Assets > Asset Tags > External Facing.
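To sanity-check which assets should carry the tag before relying on it, the three default conditions can be reproduced offline against an inventory export. The following is an added example, not Vulcan Cyber's implementation: the asset record fields (ips, elb_instance_states, sg_allows_inbound) and the sample inventory are hypothetical, and the internal ranges are taken from the network/mask pairs listed above.

```python
import ipaddress

# Internal ranges as listed on this page, written as its network/mask pairs.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "127.0.0.0/8")]

def is_external_ip(addr):
    """True if addr is a valid IPv4 address outside every listed internal range."""
    try:
        ip = ipaddress.IPv4Address(addr.strip())
    except ipaddress.AddressValueError:
        return False  # malformed or non-IPv4 values never count as external
    return not any(ip in net for net in INTERNAL_NETWORKS)

def external_facing_reasons(asset):
    """Return the default conditions (joined by OR on this page) that an asset meets."""
    reasons = []
    if any(is_external_ip(a) for a in asset.get("ips", [])):
        reasons.append("IP")
    # ELB condition as worded in the custom-tag steps: the instance is "InService".
    if any(s == "InService" for s in asset.get("elb_instance_states", [])):
        reasons.append("ELB")
    if asset.get("sg_allows_inbound", False):
        reasons.append("Security Group")
    return reasons

# Constructed sample inventory; field names are hypothetical, not a platform schema.
SAMPLE_ASSETS = [
    {"name": "web-01", "ips": ["10.0.4.17", "203.0.113.10"]},
    {"name": "app-02", "ips": ["172.31.255.255"], "elb_instance_states": ["InService"]},
    {"name": "db-03", "ips": ["192.168.7.5", "169.254.169.254"]},
    {"name": "edge-04", "ips": ["172.32.0.1"], "sg_allows_inbound": True},
    {"name": "batch-05", "ips": ["127.0.0.1"], "elb_instance_states": ["OutOfService"]},
]

def tag_inventory(assets):
    """Map each asset name to its matched conditions; an empty list means untagged."""
    return {a["name"]: external_facing_reasons(a) for a in assets}

if __name__ == "__main__":
    for name, reasons in tag_inventory(SAMPLE_ASSETS).items():
        print(f"{name}: {'External Facing via ' + ', '.join(reasons) if reasons else 'internal'}")
```

The edge-04 record shows the boundary case worth checking in your own data: 172.32.0.1 sits just past the 172.16.0.0 to 172.31.255.255 range, so it counts as external by IP.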