The era we are living in has transformed the Internet and IT from being a convenience for people and organizations into a cyber liability. In an IT infrastructure, almost any system is now an integrated system that has internet connectivity. With assets, devices, resources, hardware, and software, being changed, patched, or updated continuously, it is critical to have an approach that continuously collects and classifies the inventory, discovers the risks, and monitors the organization’s IT infrastructure.

Classifying, protecting, and identifying digital assets have always been a key to mitigate cybersecurity risks. Attack Surface Management (ASM) is designed to automate these security measurements at a level of functional breadth and depth in coverage of systems that traditional solutions such as firewalls, SIEM solutions, or endpoint protection system have not been able to deliver before. ASM’s continuous and proactive approach to identifying and managing the attack surface allows organizations to be more confident about having comprehensive visibility into what an attacker could target, about knowing where known vulnerabilities still need to be fixed, and about being better protected from new vulnerabilities. The increase in remote work as well as the continuing adoption of cloud services have expanded organizations’ attack surfaces. ASM, as a group of solutions, aims to identify the attack surface and thus for managing and mitigating risks, and help organizations increase their cyber-attack resilience.

KuppingerCole Analysts predicts that ASM will become a widely deployed capability in the next decade. This is supported by recent evolutions in the market, such as the acquisition of Mandiant by Google for around $5.4bn. ASM specialists like Axonius, Censys, Cyberpion, and CyCognito recently announced new funding at a significant level, up to $200m. We expect to see large enterprises prioritizing ASM tools in their cybersecurity investment plans as well as further mergers and acquisitions in the ASM market.

Recommendations to reduce Attack Surface

ASM is an emerging solution for cybersecurity leaders who are looking to complement their existing monitoring and testing tools. It is also an opportunity for cybersecurity leaders to take proactive measures in response to increasing cyber threats and unidentified vulnerabilities.

Believe in Zero Trust: Zero Trust is a security paradigm based on the principle of “Don’t trust. Verify!”. According to Zero Trust concept, no device, user, workload, or system should be trusted by default. For further information, check out our Comprehensive Guide to Zero Trust Implementation insight.

Determine an ASM Strategy: Decide on which security leader will serve as the ASM manager. Inform all the stakeholders and make sure of participation of departments/functions pertaining to the attack surface within your organization.

Define Your Requirements: Understand your specific requirements for today’s and future use cases and prioritize them.

Analyze the Market for Potential Vendors: Understand the ASM market, and which vendors could serve your requirements.

Choose a Vendor: Request ASM related information and, if possible, a PoC to see their implementation capabilities from vendors. Define your use cases and compare results from each vendor. Select the one that matches the most with your use cases and answers your needs.

Stay Informed with KuppingerCole: Check out our library to discover up-to-date reports and articles in today’s cybersecurity landscape. Also, stay alerted to our Attack Surface Management Leadership Compass which will be published soon