azure-external-attack-surface-management
Azure External Attack Surface Management Skill
This skill provides expert guidance for Azure External Attack Surface Management. Covers limits & quotas, and configuration. It combines local quick-reference content with remote documentation fetching capabilities.
How to Use This Skill
IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,
L35-L120), useread_filewith the specified lines. For categories with file links (e.g.,[security.md](security.md)), useread_fileon the linked reference file
IMPORTANT for Agent: If
metadata.generated_atis more than 3 months old, suggest the user pull the latest version from the repository. Ifmcp_microsoftdocstools are not available, suggest the user install it: Installation Guide
This skill requires network access to fetch documentation content:
- Preferred: Use
mcp_microsoftdocs:microsoft_docs_fetchwith query stringfrom=learn-agent-skill. Returns Markdown. - Fallback: Use
fetch_webpagewith query stringfrom=learn-agent-skill&accept=text/markdown. Returns Markdown.
Category Index
| Category | Lines | Description |
|---|---|---|
| Limits & Quotas | L30-L34 | Explains how Defender EASM counts billable assets, what qualifies as a billable asset, and how those counts impact licensing and costs. |
| Configuration | L35-L49 | Configuring Defender EASM inventory filters (domains, hosts, IPs, ASNs, SSL, pages, contacts), understanding asset metadata, and wiring data/policy automation to Log Analytics/ADX. |