![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 27%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Defender | Other
Additional Microsoft Defender tools and services that provide security across various platforms and environments
It sounds like you may need to refine your discovery setup in Microsoft Defender External Attack Surface Management (Defender EASM). When you run a discovery, it can sometimes identify assets that are not directly tied to your organization. Here are a few steps you can take to address this issue:
- Review Your Seed Values: Ensure that the seeds you are using for the discovery are specific to your organization. You can manually input seeds such as organization names, domains, or IP blocks that are known to belong to your company. This will help narrow down the results to relevant assets.
- Exclude Unwanted Assets: If there are specific assets that you know do not belong to your organization, you can specify exclusions during the discovery setup. This will prevent those assets from being included in future discoveries.
- Run Customized Discoveries: Consider running customized discoveries to detect outlier assets. This allows you to focus on specific areas of your infrastructure that may not be covered by the initial automated discovery.
- Access Inventory Filters: After running the discovery, use the inventory filters to review the assets that have been discovered. You can filter for assets in different states and identify those that should be approved or dismissed based on your organization’s criteria.
By refining your discovery process and managing your inventory effectively, you should be able to track the assets that truly belong to your organization.
References: