Assets & Networks
Assets and networks form the foundation of your security assessment data in Hawkra. Networks represent logical groupings of infrastructure (subnets, VLANs, segments), while assets represent individual hosts within those networks. Every asset belongs to exactly one network, and networks belong to a workspace.
Networks
Networks are the top-level organizational unit for your infrastructure inventory. They represent logical network segments such as subnets, VLANs, or isolated environments within your assessment scope.
Creating a Network
To create a network, navigate to the Networks section of your workspace and provide the following details:
| Field | Required | Description |
|---|---|---|
| Name | Yes | A descriptive name for the network (1-255 characters). Example: "Corporate LAN", "DMZ", "Guest WiFi" |
| CIDR Range | No | The network's CIDR notation (e.g., 192.168.1.0/24, 10.0.0.0/8). Validated for correct IPv4 CIDR format |
| VLAN ID | No | The 802.1Q VLAN identifier, if applicable |
| Access Port | No | How the network is accessed during the assessment (up to 100 characters). Example: "eth0 on jump box", "VPN tunnel" |
| Description | No | Free-text description of the network's purpose or scope |
Assets
Assets represent individual hosts, devices, or systems discovered or documented during your security assessment. Each asset lives within a network and can have associated vulnerabilities, credentials, ports, and services.
Creating an Asset
To add an asset, navigate into a network and create a new asset with the following fields:
| Field | Required | Description |
|---|---|---|
| IP Address | One of IP or Hostname required | The asset's IP address. Bare IPs (e.g., 192.168.1.100) are automatically assigned a /24 CIDR prefix. You can also specify an explicit CIDR (e.g., 10.0.1.50/32) |
| Hostname | One of IP or Hostname required | The asset's hostname or FQDN (up to 255 characters) |
| MAC Address | No | The hardware MAC address (up to 17 characters, e.g., AA:BB:CC:DD:EE:FF) |
| Operating System | No | The detected or known OS (up to 255 characters) |
| OS Version | No | The OS version string (up to 255 characters) |
| Asset Type | Yes | The type of device (see table below) |
| Tags | No | Up to 50 tags for organization, each up to 100 characters |
| Description | No | Free-text description (up to 5,000 characters) |
At least one of IP Address or Hostname must be provided. You can provide both for a more complete record.
Viewing Asset Details
The asset detail view provides a comprehensive view of everything known about a host:
- Basic information: IP address, hostname, MAC address, OS, asset type, tags, and description
- Linked vulnerabilities: All vulnerabilities associated with this asset, with their severity and remediation status
- Ports and services: Discovered open ports, protocols, and identified services (populated by scans or manual entry)
- Credentials: Any stored credentials associated with this asset
Port Discovery and Services
Ports and services are primarily populated through scan imports (Nmap, Nessus, OpenVAS, ZAP) but can also be discovered through Hawkra's built-in scanning tools. Each port entry includes:
- Port number and protocol (TCP/UDP)
- Service name (e.g., ssh, http, smb)
- Service version information when detected
Port and service data enriches vulnerability analysis and is included in AI context when the "Include Services" toggle is enabled.
MAC Address Vendor Lookup
If an asset has a MAC address recorded, you can use the Import MAC Data action to look up the hardware vendor. This feature:
- Identifies the device manufacturer from the MAC OUI prefix
- Automatically updates the asset type if it is currently set to "Unknown" (e.g., a Cisco MAC sets the type to "Router")
- Appends the vendor name to the asset description
This is useful for identifying unknown devices discovered during network scans.
Tagging System
Tags provide a flexible way to organize and categorize assets beyond the built-in asset type. Common tagging patterns include:
- Environment:
production,staging,development - Criticality:
critical,high-value,low-priority - Assessment scope:
in-scope,out-of-scope,phase-1 - Compliance:
pci-dss,hipaa,sox
Each asset supports up to 50 tags, with each tag limited to 100 characters.
Asset Limits by Tier
| Tier | Assets per Workspace |
|---|---|
| Free | 15 |
| Premium | 5,000 |
| Self-Hosted | Unlimited |