Attack Surface Management (ASM) is the continuous process of identifying, monitoring, and reducing an organisation’s external and internal attack surfaces to minimise cybersecurity risk. ASM involves discovering and assessing all digital assets, including known and unknown internet-facing systems, cloud environments, third-party dependencies, and shadow IT.
Attack Surface Management benefits from advances in AI and machine learning and is being used increasingly by organisations as part of their third party risk management strategy.
Executive Interview: The Importance of External Attack Surface Management (Tenable)
Attack Surface Management 101 w/ Ashley Knowles
Further reading
- What is attack surface management? - IBM
- What Is Attack Surface and Attack Surface Management? - Palo alto networks
- Mandiant attack surface management
- Attack Surface Management - rapid 7
- What is Attack Surface Management? - splunk
Related pages
- vulnerability management
- threat intelligence
- penetration testing
- red teaming
- asset discovery
- cybersecurity risk management
- Tenable