Amass is an attack surface management tool designed to identify, map, and inventory an organization's internet-facing digital assets. It functions as a security asset discovery engine that systematically expands an organization's known infrastructure footprint through recursive domain name resolution and the collection of intelligence from diverse public data sources.
The platform distinguishes itself by utilizing a graph-based modeling approach to organize discovered resources. By maintaining a persistent graph database, it tracks the relationships between infrastructure components and normalizes data from multiple intelligence feeds into a unified schema. This allows for the visualization of complex network topologies and the long-term monitoring of infrastructure changes.
The framework supports comprehensive security visibility by integrating modular data collection tasks and asynchronous processing to handle large-scale network scanning. It provides a centralized repository for asset records, enabling consistent tracking and analysis of an entity's technical landscape for threat intelligence and vulnerability identification.
