Attack surface management (ASM) is a somewhat confusing topic that starts with a fundamental question: What exactly is the attack surface? In reality, it’s everything—internal assets, external corporate assets, third-party assets, people, everything. That said, the emerging attack surface management category focuses on internet-facing assets alone. Hmm, just another day in the perplexing cybersecurity realm.
Now, just because attack surface management tools track only internet-facing assets doesn’t make ASM easy. Large organization often have thousands, tens of thousands, or more internet-facing assets, including websites, sensitive data, employee credentials, cloud workloads, S3 buckets, source code fragments, SSL certificates, and so on.
More Stories
CISA Launches Playbook to Boost AI Cybersecurity Collaboration
CISA launched the JCDC AI Cybersecurity Playbook to enhance collaboration on AI cybersecurity risks Read More
Multi-Cloud Adoption Surges Amid Rising Security Concerns
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure...
Chinese PlugX Malware Deleted in Global Law Enforcement Operation
The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity...
Illicit Crypto-Inflows Set to Top $51bn in a Year
Chainalysis estimates threat actors made at least $51bn through crypto crime in 2024 Read More
Phishing False Alarm
A very security-conscious company was hit with a (presumed) massive state-actor phishing attack with gift cards, and everyone rallied to...
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
The security provider published mitigation measures to prevent exploitation Read More