Azure EASM client library for Java - version 1.0.0-beta.1
Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall. Defender EASM leverages Microsoft’s crawling technology to discover assets that are related to your known online infrastructure, and actively scans these assets to discover new connections over time. Attack Surface Insights are generated by leveraging vulnerability and infrastructure data to showcase the key areas of concern for your organization.
This package contains the Microsoft Azure EASM Defender client library.
Documentation
Various documentation is available to help you get started
Getting started
Prerequisites
- Java Development Kit (JDK) with version 8 or above
- Azure Subscription
Adding the package to your product
```xml
<dependency>
    <groupId>com.azure</groupId>
    <artifactId>azure-analytics-defender-easm</artifactId>
    <version>1.0.0-beta.1</version>
</dependency>
```
Authentication
The Azure Identity package provides the default implementation for authenticating the client.
Key concepts
Assets
Defender EASM includes the discovery of the following kinds of assets:
- Domains
- Hosts
- Pages
- IP Blocks
- IP Addresses
- Autonomous System Numbers (ASNs)
- SSL Certificates
- WHOIS Contacts
These asset types comprise your attack surface inventory in Defender EASM. This solution discovers externally facing assets that are exposed to the open internet outside of traditional firewall protection; they need to be monitored and maintained to minimize risk and improve an organization’s security posture. Microsoft Defender External Attack Surface Management (Defender EASM) actively discovers and monitors these assets, then surfaces key insights that help customers efficiently address any vulnerabilities in their organization.
Discovery
Microsoft Defender External Attack Surface Management (Defender EASM) relies on our proprietary discovery technology to continuously define your organization’s unique Internet-exposed attack surface. Discovery scans known assets owned by your organization to uncover previously unknown and unmonitored properties. Discovered assets are indexed in a customer’s inventory, providing a dynamic system of record of web applications, third party dependencies, and web infrastructure under the organization’s management through a single pane of glass.
Discovery Groups
Custom discoveries are organized into Discovery Groups. They are independent seed clusters that comprise a single discovery run and operate on their own recurrence schedules. Users can elect to organize their Discovery Groups to delineate assets in whatever way best benefits their company and workflows. Common options include organizing by responsible team/business unit, brands or subsidiaries.
Examples
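```java
import com.azure.analytics.defender.easm.EasmClient;
import com.azure.analytics.defender.easm.EasmClientBuilder;
import com.azure.core.util.Configuration;
import com.azure.identity.DefaultAzureCredentialBuilder;

// Read the workspace coordinates from the environment / global configuration.
String subscriptionId = Configuration.getGlobalConfiguration().get("SUBSCRIPTION_ID");
String workspaceName = Configuration.getGlobalConfiguration().get("WORKSPACENAME");
String resourceGroupName = Configuration.getGlobalConfiguration().get("RESOURCEGROUPNAME");
String endpoint = Configuration.getGlobalConfiguration().get("ENDPOINT");

// Build a synchronous client authenticated through Azure Identity.
EasmClient easmClient = new EasmClientBuilder()
    .endpoint(endpoint)
    .subscriptionId(subscriptionId)
    .workspaceName(workspaceName)
    .resourceGroupName(resourceGroupName)
    .credential(new DefaultAzureCredentialBuilder().build())
    .buildClient();
```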
File Name | Description |
---|---|
DiscoveryRunsSample.java | Create and manage a discovery group |
DiscoTemplateSample.java | Create discovery groups using a template |
SavedFilterSample.java | Use saved filters to synchronize queries across scripts |
ManagingExternalIdsSample.java | Tag assets automatically with external ids |
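The Discovery Groups workflow described under Key concepts, as an added example that is not one of the package's own samples: it builds a group from domain and host seeds, starts a run, and prints the most recent run results. The group name and seeds are placeholders, and the model and method names (DiscoGroupData, DiscoSource, DiscoSourceKind, createOrReplaceDiscoGroup, runDiscoGroup, listRuns) are assumed from the 1.0.0-beta.1 preview API; check them against DiscoveryRunsSample.java.

```java
import com.azure.analytics.defender.easm.EasmClient;
import com.azure.analytics.defender.easm.EasmClientBuilder;
import com.azure.analytics.defender.easm.models.DiscoGroupData;
import com.azure.analytics.defender.easm.models.DiscoRunResult;
import com.azure.analytics.defender.easm.models.DiscoSource;
import com.azure.analytics.defender.easm.models.DiscoSourceKind;
import com.azure.core.util.Configuration;
import com.azure.identity.DefaultAzureCredentialBuilder;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class DiscoveryGroupExample {
    // Turn a comma-separated list into seeds of one kind, dropping blank entries.
    static Stream<DiscoSource> seeds(String csv, DiscoSourceKind kind) {
        return Arrays.stream(csv.split(","))
            .map(String::trim)
            .filter(s -> !s.isEmpty())
            .map(s -> new DiscoSource().setKind(kind).setName(s));
    }

    public static void main(String[] args) {
        Configuration config = Configuration.getGlobalConfiguration();
        EasmClient easmClient = new EasmClientBuilder()
            .endpoint(config.get("ENDPOINT"))
            .subscriptionId(config.get("SUBSCRIPTION_ID"))
            .workspaceName(config.get("WORKSPACENAME"))
            .resourceGroupName(config.get("RESOURCEGROUPNAME"))
            .credential(new DefaultAzureCredentialBuilder().build())
            .buildClient();

        // Placeholder seeds: replace with domains and hosts your organization owns.
        List<DiscoSource> seedList = Stream.concat(
                seeds("example.org", DiscoSourceKind.DOMAIN),
                seeds("www.example.org, mail.example.org", DiscoSourceKind.HOST))
            .collect(Collectors.toList());

        String groupName = "example-business-unit"; // hypothetical group name
        easmClient.createOrReplaceDiscoGroup(groupName, new DiscoGroupData()
            .setDescription("Seeds owned by the example business unit")
            .setSeeds(seedList));

        // Start a discovery run, then read back up to five recent runs for the group.
        easmClient.runDiscoGroup(groupName);
        for (DiscoRunResult run : easmClient.listRuns(groupName, null, 0, 5)) {
            System.out.printf("%s submitted=%s assetsFound=%s%n",
                run.getState(), run.getSubmittedDate(), run.getTotalAssetsFoundCount());
        }
    }
}
```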
Troubleshooting
Enabling Logging
Azure SDKs for Java offer a consistent logging story to help aid in troubleshooting application errors and expedite their resolution. The logs produced will capture the flow of an application before reaching the terminal state to help locate the root issue. View the logging wiki for guidance about enabling logging.
Next steps
These code samples show common scenario operations with the Azure EASM client library. More samples can be found under the samples directory.
For more extensive documentation on Microsoft Defender External Attack Surface Management, see the Defender EASM documentation (https://azure.microsoft.com/services/) on docs.microsoft.com.
Contributing
For details on contributing to this repository, see the contributing guide.
- Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create new Pull Request