Attack surface management (ASM) is a somewhat confusing topic that starts with a fundamental question: What exactly is the attack surface? In reality, it’s everything—internal assets, external corporate assets, third-party assets, people, everything. That said, the emerging attack surface management category focuses on internet-facing assets alone. Hmm, just another day in the perplexing cybersecurity realm.
Now, just because attack surface management tools track only internet-facing assets doesn’t make ASM easy. Large organization often have thousands, tens of thousands, or more internet-facing assets, including websites, sensitive data, employee credentials, cloud workloads, S3 buckets, source code fragments, SSL certificates, and so on.
More Stories
Tech Giants Launch Post-Quantum Cryptography Coalition
IBM, Microsoft, MITRE and others join forces Read More
CISA Publishes Hardware Bill of Materials Framework
Agency says it will help firms better manage supply chain risk Read More
Pension Firms Report 4000% Surge in Breaches
Financial services targeted remorselessly over past year Read More
Sophisticated APT Clusters Target Southeast Asia
Unit 42 uncovered three separate threat actor clusters: Stately Taurus, Alloy Taurus and Gelsemium Read More
China-Linked EvilBamboo Targets Mobiles
This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations Read More
Voting Equipment Giants Team Up For Security
The move aims to combat the rampant spread of misinformation among American voters Read More