Why are secondary assets included in my IP/domain count?

hexiosec classifies discovered domains and ip addresses as either primary or secondary assets primary assets are domains and ips considered directly owned, managed, or within the responsibility of the organisation being assessed risks are surfaced against these assets within the platform secondary assets are assets discovered through technical relationships with the primary infrastructure, but which may belong to third parties, providers, shared platforms, or supporting services although secondary assets may not be directly owned or actionable by the customer, they still form part of the wider discovered attack surface associated with the supplied seeds we include secondary assets as part of the ip/domain count because they still contribute to the overall size and complexity of the scan hexiosec still needs to discover and enumerate the assets analyse infrastructure relationships process dns, certificate, hosting, and network data maintain context about how assets connect together scan and evaluate the surrounding infrastructure in other words, secondary assets still consume processing resources and influence the amount of work required to fully understand the attack surface associated with the provided seeds the primary/secondary classification is intended to help customers distinguish between assets they consider their responsibility assets that provide contextual understanding of the wider infrastructure it is not intended to indicate whether hexiosec processes the asset or not how are secondary assets connected? to understand how secondary assets relate back to the seed domains, you can use the graph page and filter by domains and secondary assets