Cloud adoption, digital transformation and the expansion of remote work have made the average company’s digital footprint and attack surface larger, more distributed and more dynamic. New assets connect to the company network daily.

 

Attack surface management (ASM) is the continuous discovery, analysis, remediation and monitoring of the cybersecurity vulnerabilities and potential attack vectors that make up an organisation’s attack surface.

 

Unlike other cybersecurity disciplines, ASM is conducted entirely from a hacker’s perspective, rather than the perspective of the defender. It identifies targets and assesses risks based on the opportunities they present to a malicious attacker. ASM relies on many of the same methods and resources that hackers use, and many ASM tasks and technologies are devised and performed by ‘ethical hackers’ familiar with cybercriminals’ behaviours, skilled at duplicating their actions.

 

This session discusses the value and outcomes we have seen with clients using this approach and philosophy.