Asset Graph
  • 12 Feb 2024
  • 10 Minutes to read
  • Dark
    Light
  • PDF

Asset Graph

  • Dark
    Light
  • PDF

Article Summary

Use the Asset Graph page to view a visual representation of the connections between the assets in your inventory. You can start by viewing the details of a single asset, such as a device, and then use the capabilities of the graph to ask questions about the device and both expand and filter what is displayed. You can also start with multiple assets from one of the asset tables or select an asset type directly in the Asset Graph page.

The Asset Graph provides many benefits, including:

  • A graph gives a visual representation of the relationships between assets that allows you to quickly understand the topology.
  • Multi-step analysis and deep dive into the relationship between assets.
  • You can see the downstream impact of incidents.
  • Investigation is faster, straightforward and more accurate.
  • Quickly understand the relationship between assets.
  • Ability to triage asset issues quickly.
  • Easier to explain the attack surface to non-technical teammates.
  • Allows to easily determine the blast radius of an incident.

To display the Asset Graph, click Click AssetGraphIcon.png in the left navigation bar.

AssetGraph-OpeningScreen.png

A tile for each asset type in the environment is displayed. The number of assets of each type is displayed in the tile below the asset type name. See Accessing the Asset Graph for more details about how to access the Asset Graph from the Asset Profile page or one of the asset pages such as Users or SaaS Software.

Accessing the Asset Graph

There are three ways to access the Asset Graph:

A single asset from the Asset Details page
  • Select a single asset and then, from the Actions menu, select Open in graph.

You can also select the asset to view its details and click the Asset Graph tab. This works exactly as does the Asset Graph page. The selected asset and all the other assets directly connected to it appear in the graph.

AssetGraph-TabSingleAsset.png

Multiple assets from an Asset page
  • From any asset page, such as Devices or SaaS Applications, select multiple assets in the table and from the Actions menu, select Open in graph.

AssetGraphMultiSelect.png

The graph opens in the Asset Graph page showing a group icon for the selected assets in the center of the graph area.

AssetGraphMultipleAssets.png

All assets in the Asset Graph page from the Navigation toolbar
  • Click AssetGraphIcon.png in the left navigation bar. A tile for each asset type in the environment is displayed. The number of assets of each type is displayed in the tile below the asset type name.

AssetGraph-OpeningScreen.png

Click an asset type to start your investigation. You can filter the asset types by category from the Category list. You can select multiple categories. To return to the main Asset Graph view, click Starting View in the Investigation Steps list or AssetGraphIcon.png in the Navigation bar.

About the Asset Graph

Once opened, the Asset Graph shows the assets you selected, whether specific assets from one of the asset pages or a whole category of assets from the Asset Graph page.

The side pane on the left includes the Investigation Steps list at the top and the Data Layers list below.

  • The Investigation Steps list includes a tile representing each action taken in the Asset Graph. See Viewing the Investigation Step-by-Step for more about navigating within the current Asset Graph.
  • The Data Layers list represents the asset types included in the current state of the Asset Graph. See Viewing Data Layers for more about Data Layers.

AssetGraph-SidebarExpanded.png

Assets and groups of assets are shown as circles with asset type icons. Groups have the asset count displayed in a number balloon. Relationships between assets or asset groups are indicated by arrows with a label describing the type of relationship.

For more about working with the Asset Graph:
Managing Asset Graphs
Exploring Connections and Asset Relationships
Saving, Loading and Updating Asset Graphs
Importing and Exporting Asset Graphs

Viewing Investigations Step-by-Step

The Investigation Steps list in the side pane shows the sequence of steps taken in your investigation and allows you to view the progress step-by-step. The following example describes how the Investigation Steps list works.

  1. In this example, multiple assets were selected on the Application Extensions asset page but what follows applies no matter how the investigation starts.

    AssetGraphMultipleAssets.png

  2. Click on the Applications Extensions group icon and select Connections and then All.

Assets connected to the Application Extensions are added to the chart and a new step is added to the Investigation Steps list representing the action taken. Note that the current step is highlighted blue. Layers for the newly added asset types, SaaS Applications and User Extensions, are added to the Data Layers list.

AssetGraphMultipleAssets-Expanded.png

Each step tile includes a description of the step it represents. Hover over the tile to see the full description in a tooltip. Mouse over a step tile to see the full name of the action taken when the name is long. Clicking a step tile also recenters the graph.

  1. In the Investigation Steps list, click Selected Assets, a previous step, to view the graph at that step. All later steps are preserved as well, while only the Data Layers in the current state of the graph are listed.

AssetGraph-PreviousStep.png

To return to the main Asset Graph view, click Starting Point in the Investigation Steps list or AssetGraphIcon.png in the Navigation bar.

When you apply different query parameters or filter the current results, the step tiles from this step forward will change. In this case, the following message appears:

AssetGraphBreadcrumbsOverride.png

Viewing Data Layers

The Data Layers list at the bottom of the side pane shows each asset category included in the current state of the Asset Graph and the number of assets matching the current query parameters. When query parameters change, the asset count changes in the Data Layers menu to reflect the current query.

When you hover over a data layer, the view icon appears. Click the icon to show or hide the data layer.

DataLayers

Zooming In and Out

Use the zoom tools in the lower-left corner of the graph to magnify the graph. You can move the graph within the page to position it how you want and you can zoom the graph to focus on specific assets.

  • To move the whole graph, use the hand tool AssetGraph-Hand.png. Click in the empty space and drag. To move selected nodes, select the nodes you want and drag them to a new location. See /pl/docs/asset-graph#selecting-multiple-assets.

  • Click AssetGraphZoomToFitBtn.png to set the view to fit the graph in the visible window.

  • Click AssetGraphZoomInBtn.png to zoom in and AssetGraphZoomOutBtn.png to zoom out. You can also use the mouse wheel to zoom the graph.

Asset Relationships

Relationships between assets and/or groups are shown as arrows linking them. It describes how the assets are connected.

See Exploring Connections and Asset Relationships for more about working with connections and relationships.

Viewing a Group Preview

For groups of less than 500 assets, you can display all group members individually as a preview.

To view a preview of an asset group:

  1. Click on the node and select Preview. The group is opened and the members are enclosed within a circle.
  2. To close the preview, click within the group circle and select Close preview to go back to the group icon.

Ungrouping a Group Node

Groups of less than 500 members can be ungrouped. When a node is ungrouped, all the members are displayed on the graph individually.

To ungroup a group node:

  • Click on a group node and select Ungroup.

Viewing the Asset Profile

When you hover over the icon of a single asset, a tooltip appears with information about that asset.

AssetGraph-HoverTooltip.png

Click on the asset icon for other options:

  • View asset profile - Displays the Asset Profile page in a new tab for the selected asset in a new browser tab.

Segmenting a Group of Assets

You can segment a group of assets by various fields to separate them into categories.

To segment an asset group:

  • Click Segment by and select a field to segment the group. Subgroups of the assets are displayed according to the field selected. For example, segmenting SaaS Applications by Application Category.

    AssetGraph-SegmentBy.png

    For example, segmenting SaaS Applications by Application Category creates groups of SaaS applications for each category. Each of these groups can also be segmented and investigated further.

    AssetGraph-SegmentByExample.png

Selecting Multiple Nodes

You can select multiple assets or asset groups in the Asset Graph and investigate them together.

AssetGraph-MultiSelect.png

To select multiple assets:

  • Do one of the following:
    • On all OSs, click the AssetGraph-Hand.png till it turns to AssetGraph-Arrow.png. Then, click and drag the border around the nodes you want to select.
    • On Windows and Linux machines, press CTRL, on Apple Mac machines, press Command. and click on the nodes you want to select.

Using Node Custom Groups

Use custom groups to associate individual assets or groups of assets together. Groups reduce clutter in your graph, and enable you to act on the whole group as a single entity. Groups can only include assets of the same type. Enforcement Actions are executed on all members of a group.

For example:
You can select all the user nodes that belong to the same department, group them together, and name the group “Sales”. Then, you can Filter, Enforce, Segment, or explore further connections to the “Sales” group with just a few clicks.

Expanding a group's connections shows the connections for all the members of the group.

To group assets on the asset graph:

  1. Select the assets you want to group.
  2. In the menu, select Group.
  3. The selected nodes are grouped together into one node and named in sequence with the asset type added.
    AssetGraph-BeforeGroup.png

AssetGraph-AfterGroup.png

To ungroup an asset group:

  • Click on a group and select Ungroup.
Note:
When ungrouping nested groups, only the outsidemost group can be ungrouped.

Viewing Group Details

You can view detailed information about the assets in a group in the Explore Group drawer. The Explore Group drawer displays information appropriate for each asset type.
At the top of the drawer the asset category is displayed along with the number of assets and the total number of connections to those assets. Group Connections shows the number of connections to the other asset types.

  • Click on a group or within a group circle and select View Details.

In this example, each vulnerability is listed with the Vulnerability ID (Vuln ID) and the number of devices (Device Count) that have each vulnerability.

AssetGraphExploreGroupDetails.png

Use the Search bar to find specific assets within the current list or click Query Wizard to use different query parameters.

The Query Wizard opens with the current query parameters. Make any changes you want and click Apply. Assets matching the new parameters are listed in the Explore Group drawer and in the Asset Graph. See Creating Queries with the Query Wizard for more about creating queries.

Filtering Asset Groups

You can filter a group to see a more specific set of assets.

  1. Select a group and click Filter Group to open the Query Wizard.

    The Query Wizards opens on the query that describes the group you clicked on. The number of assets in the group appears at the top of the wizard.

  2. Change the query parameters to filter the group and click Apply. The Asset Graph and the asset count at the top of the wizard update to reflect the new parameters and a new breadcrumb is added. See Creating Queries with the Query Wizard more information on how to use the Query Wizard.

    AssetGQueryWizardFrom Aset

    When a filter is applied to a group, the filter icon appears on the group icon.

    AssetGraphFilterIconOnGroup.png

Using Enforcement Actions from the Asset Graph

You can use existing Enforcement Sets or create new ones directly from the Asset Graph.

AssetGraph-UsingECs.png

To use an Enforcement Action in the Asset Graph:

  1. Click on the asset or asset group on which you want the Enforcement Action to apply.
  2. From the Enforce option, select one of the following:

Tags, Custom Fields and Create Tickets from the Asset Graph

You can also assign tags, add custom fields and create tickets directly from the Asset Graph.

AssetGraph-UsingECs.png



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.