Discovery is the process of finding, identifying, and inventorying systems, services, applications, and their dependencies across an environment. In enterprise security, discovery tools scan networks, cloud accounts, endpoints, and management APIs to build an up-to-date map of what exists and how components relate to one another. That map is often the input for a CMDB, vulnerability management, and operational automation.
Discovery matters because security controls depend on accurate visibility. If discovery misses a server, container, or service relationship, that asset can remain unpatched, unmonitored, or misclassified. In defense, continuous discovery helps teams reduce shadow IT, prioritize vulnerabilities by business impact, and route incidents correctly. In attack workflows, adversaries also perform discovery to enumerate hosts, services, and trust relationships before moving laterally or choosing targets. The quality of discovery is therefore a direct factor in both resilience and attack surface management.