Attack surface management (ASM) is a somewhat confusing topic that starts with a fundamental question: What exactly is the attack surface? In reality, it’s everything—internal assets, external corporate assets, third-party assets, people, everything. That said, the emerging attack surface management category focuses on internet-facing assets alone. Hmm, just another day in the perplexing cybersecurity realm.
Now, just because attack surface management tools track only internet-facing assets doesn’t make ASM easy. Large organization often have thousands, tens of thousands, or more internet-facing assets, including websites, sensitive data, employee credentials, cloud workloads, S3 buckets, source code fragments, SSL certificates, and so on.
More Stories
Long Article on GM Spying on Its Cars’ Drivers
Kashmir Hill has a really good article on how GM tricked its drivers into letting it spy on them—and then...
Ring to Pay Out $5.6m in Refunds After Customer Privacy Breach
The US Federal Trade Commission will send $5.6m worth of refunds to the spied-on customers of the Amazon-owned home camera...
How to Avoid Romance Scams
It’s the romance scam story that plays out like a segment on a true crime show. It starts with a...
“Junk gun” ransomware: the cheap new threat to small businesses
A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not...
US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet
The two founders of Samourai Wallet have been charged with money laundering and unlicensed money-transmitting offenses Read More
Hacker posts fake news story about Ukrainians trying to kill Slovak President
Czech news agency ČTK announced on Tuesday that a hacker had managed to break into its systems and published fake...