Network graphs are visual representations of your hosts and urls. They show how your assets are related. Graphs allow you to instantly spot where your problems are and can contain thousands of nodes. Here's a small example:
Your attack surface is a network graph that comes preconfigured. By default it will show all of your assets grouped around your ASN, cloud or Internet Service Providers.
You should regularly check this view for red and orange dots. If the red dots are grouped in certain locations then that is where your attention should go. The operators of those systems somehow do not get around to fixing their security problems and this can put your entire organisation at risk.
If you have thousands of systems or manage multi-tenant hosting it's easy to lose oversight. You'll be better of creating multiple partial network graphs and remove those from the default attack surface. Remove assets from the attack surface by giving them a tag and exclude the tag in the
graph action menu (the three dots next to "graphs" in the left hand menu).
The assets shown on a graphs are managed with tags. Before you create a graph, you'll want to tag some urls first. Go to the page of the urls you want to include in the graph and click the action menu (three dots) in the upprt right corner. Choose "Add tags" or "Edit tags". The tag editor will appear and you can label the url with a tag of your choice. Try to come up with a descriptive name, like "mailserver", "data center east" or "webshop".
Next, you can create custom network graphs from the
graph action menu.
Just enter your graph name and click "add".
On the new graph page there are two tag editors. One for tags you want to include in your custom network graph, and one for tags you want to exclude.
Please note that exclusion is stronger than inclusion. If an assets has both a tag that is included and a tag that is excluded, that asset will not appear on your graph.
