- Attack Surface Management (ASM) is an emerging but not fully mature discipline and technical solution type within the broader field of cybersecurity.
- ASM currently comprises two main branches: external ASM (EASM) and cyber asset ASM (CAASM). CAASM is more internally focused.
- Asset discovery, vulnerability assessment, risk scoring and prioritization, reporting, and remediation are the primary functions of an ASM system.
- Not all ASM vendors have fully in-house developed components; many rely on third-party products for some key functionality.
- Integrations with other security and IT tools, as detailed below, are essential for enabling ASM tools to maximize their utility in customer engagements.
- Dark web monitoring is a set of techniques and practices that many ASM vendors employ for threat research and for discovering client-specific threat information.
- Some vendors offer manual and/or automated penetration testing and red teaming services.
- Some vendors offer limited brand protection features.
- EASM and CAASM will merge as deploying organizations seek to combine internal and external attack surface management in a single solution.