Why launching a Surface program
If your organisation comprises multiple internal entities, it can be useful to segment your attack surface to reflect your organisational structure more accurately.
Because different business teams typically focus on different scopes, you can create a Surface Program for each relevant entity, team, or business unit. This allows each group to view and manage the portion of the attack surface that aligns with its responsabilities.
How to create a Surface program?
ℹ️ You must be a Business Unit Owner or a Business Unit Manager to set up a Surface program. A Program manager can edit their program(s) (ie. add/exclude Primary assets and configure security check).
Go to the “Admin Panel”
Click on “+ Surface”
Fill in the “Title” field
Click on “Create”
Your Surface program is now created. Add the primary assets you wish to include in this program.
Click on “+ Add primary assets”
Select the import method of your choice: “Import a file” or “Add Manually”
ℹ️ You should add assets that you own and you wish to monitor. The discovery capabilities of the platform are not made to monitor cybersquatting.
Learn more about how to add primary assets in your surface program, here.
Discover new assets
The YesWeHack Attack Surface Management solution automatically discovers subdomains of your Primary Assets and identifies related domains belonging to the same entity (registrar). This feature is available for APEX domains only.
Go to the “Admin Panel”
Open a Surface program
Click on “Home” in the left side menu
Click on “…” in the Actions column, then click on the “Discover more assets” radar icon.
This action will launch a scan for such related domains. A new window will open with the results.
ℹ️ Click here to learn more about Asset discovery.






