OpenSkillIndex← back to search
claude-code

Agent-Skills azure-external-attack-surface-management

Expert knowledge for Azure External Attack Surface Management development including limits & quotas, configuration, and integrations & coding patterns. Use when querying EASM assets, setting policy rules, exporting to Log Analytics or Data Explorer, or estimating billing, and other Azure External Attack Surface Management related development tasks. Not for Azure Defender For Cloud (use azure-defender-for-cloud), Azure Security (use azure-security), Azure Sentinel (use azure-sentinel), Azure Firewall (use azure-firewall).

install
source · Clone the upstream repo
git clone https://github.com/MicrosoftDocs/Agent-Skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/MicrosoftDocs/Agent-Skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/azure-external-attack-surface-management" ~/.claude/skills/microsoftdocs-agent-skills-azure-external-attack-surface-management && rm -rf "$T"
manifest: skills/azure-external-attack-surface-management/SKILL.md
source content

Azure External Attack Surface Management Skill

This skill provides expert guidance for Azure External Attack Surface Management. Covers limits & quotas, configuration, and integrations & coding patterns. It combines local quick-reference content with remote documentation fetching capabilities.

How to Use This Skill

IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g., 

L35-L120
), use 
read_file
with the specified lines. For categories with file links (e.g., 
[security.md](security.md)
), use 
read_file
on the linked reference file

IMPORTANT for Agent: If 

metadata.generated_at
is more than 3 months old, suggest the user pull the latest version from the repository. If 
mcp_microsoftdocs
tools are not available, suggest the user install it: Installation Guide

This skill requires network access to fetch documentation content:

  • Preferred: Use 
    mcp_microsoftdocs:microsoft_docs_fetch
    with query string 
    from=learn-agent-skill
    . Returns Markdown.
  • Fallback: Use 
    fetch_webpage
    with query string 
    from=learn-agent-skill&accept=text/markdown
    . Returns Markdown.

Category Index

CategoryLinesDescription
Limits & QuotasL31-L35Explains how Defender EASM billing works, what counts as a billable asset, and how asset counts affect costs and quotas.
ConfigurationL36-L49Filtering and querying EASM inventory by asset type (domains, hosts, IPs/blocks, ASNs, pages, contacts, SSL certs) and configuring policy engine automation rules.
Integrations & Coding PatternsL50-L53Configuring Defender EASM to export discovery and asset data into Log Analytics and Azure Data Explorer, including connection setup and data usage for analysis.

Limits & Quotas

TopicURL
Understand Defender EASM billing and billable asset countshttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/understanding-billable-assets

Configuration

TopicURL
Use ASN asset filters in Defender EASM inventoryhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/asn-asset-filters
Use contact asset filters in Defender EASM inventoryhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/contact-asset-filters
Apply domain asset filters in Defender EASM inventoryhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/domain-asset-filters
Apply host asset filters in Defender EASM inventoryhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/host-asset-filters
Use Defender EASM inventory filters and saved querieshttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/inventory-filters
Use IP address asset filters in Defender EASMhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/ip-address-asset-filters
Use IP block asset filters in Defender EASMhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/ip-block-asset-filters
Apply page asset filters in Defender EASM inventoryhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/page-asset-filters
Configure Defender EASM policy engine automation ruleshttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/policy-engine
Use SSL certificate asset filters in Defender EASMhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/ssl-certificate-asset-filters

Integrations & Coding Patterns

TopicURL
Configure Defender EASM data connections to Log Analytics and ADXhttps://learn.microsoft.com/en-us/azure/external-attack-surface-management/data-connections