Appearance
Add an Asset
This page walks through creating an asset manually from the AttackLens UI. Manual creation is intended for resources that cannot be auto-discovered through cloud adapters or sensors.
INFO
Requires Posture Manager role or higher.
When to Create Assets Manually
Use manual creation when:
- The resource is an on-premises appliance that cannot run a sensor (network switches, firewalls, printers)
- You want to track a third-party SaaS service as an asset
- The resource lives in an environment not yet connected via a cloud adapter
- You need a placeholder asset before the adapter sync runs
TIP
For cloud resources and endpoint machines, prefer automatic discovery. Adapters and sensors keep assets up to date automatically, while manually created assets require you to maintain their details by hand.
Step-by-Step
1. Open the Create Asset Form
Navigate to Assets in the sidebar and click the Add Asset button in the top-right corner.
2. Select the Asset Type
Choose the asset type from the Asset Type dropdown. Types are organized by category (Compute, Network, Storage, etc.), and you can use the search filter to find the type you need quickly.
When you select a type, AttackLens automatically assigns the correct category. For example, selecting Virtual Machine sets the category to Compute, and selecting Firewall sets it to Network.
3. Enter the Asset Name
Provide a descriptive Name for the asset. This should be something your team can easily recognize, such as:
prod-web-server-01corp-firewall-hqstaging-postgres-db
WARNING
The name field is required. The form will not submit without it.
4. Set Environment and Criticality
Choose the Environment that reflects where this resource operates:
| Environment | Use for |
|---|---|
| Dev | Development and local testing resources |
| Test | QA and automated testing environments |
| Staging | Pre-production validation environments |
| Prod | Production workloads |
Choose the Criticality level based on business impact:
| Criticality | Use for |
|---|---|
| Low | Non-essential resources with minimal impact if unavailable |
| Medium | Standard business resources |
| High | Important resources that affect business operations |
| Critical | Core infrastructure -- outage or compromise causes severe business impact |
TIP
Criticality affects how AttackLens prioritizes findings and attack paths. Mark production databases and identity providers as Critical to ensure their exposure is surfaced prominently.
5. Assign an Owner (Optional)
Select an Owner from the list of users in your organization. The owner is the person responsible for this asset's security posture. You can search and filter the user list.
6. Assign to a Group (Optional)
Select a Group to associate this asset with an asset group. Groups let you organize assets for policy assignment and reporting. If you have not created any groups yet, you can skip this and assign the asset to a group later.
7. Add Tags (Optional)
Add Tags for custom categorization. Type a tag name and press comma to add it. Tags are free-form labels -- use them for anything that helps your team organize assets (e.g., pci-scope, team-platform, region-eu-west).
8. Add Identifiers
Identifiers are the key-value pairs that uniquely identify this asset. Click Add Identifier to add one or more entries.
For each identifier, select a Type and enter a Value:
| Identifier Type | Example Value |
|---|---|
| Hostname | web-server-01 |
| FQDN | web-server-01.corp.example.com |
| IPv4 Address | 10.0.1.25 |
| IPv6 Address | fd12:3456:789a::1 |
| MAC Address | 00:1A:2B:3C:4D:5E |
| Cloud Instance ID | i-0abcdef1234567890 |
| Cloud Resource ID | /subscriptions/.../resourceGroups/.../providers/... |
| Serial Number | VMware-42 30 a8 ... |
| BIOS UUID | 4230a8f2-... |
You can add as many identifiers as needed. To remove an identifier, click the trash icon next to it.
WARNING
Identifiers are used for conflict detection. If another asset (auto-discovered or manual) shares the same identifier type and value, AttackLens will flag a conflict. Choose identifiers carefully to avoid false duplicates.
9. Set Active Status
The Active toggle in the top-right of the form controls whether the asset is immediately active. Active assets are included in policy evaluations, vulnerability correlation, and attack graph computation. Leave this on unless you are creating a placeholder that should not be evaluated yet.
10. Save
Click Create to save the asset. You will be redirected to the asset detail page where you can view the newly created record.
After Creation
Once the asset is created, you can:
- Assign policies to evaluate the asset's security posture
- Add it to a group for bulk policy assignment
- View findings as policy evaluations run
- Track vulnerabilities once inventory data is available
- Edit the asset to update its details at any time
Related
- Understanding Assets -- Asset concepts, types, and lifecycle
- Edit an Asset -- Update asset details after creation
- Manage Assets -- Search, filter, and organize assets
- Create an Asset Group -- Group assets for policy assignment