Posts

Showing posts from August, 2021

Attack Surface Management - What's old is new again!!

Image
  Attack Surface Management (ASM), a new sexy approach to cyber security visibility.  "How about we try to see what systems are exposed to the public Internet  so we can make sure they are being secured." ASM is not Vulnerability management (detection of cyber security weaknesses) but rather takes a step back to answer the question, "What do I need to secure?" but is can also help identify the SBoM (Software Bill of Materials) across deployed systems. Attack Surface Management (ASM) which provides you the ability to see all services exposed to the public internet across your global estate. As new systems are deployed, decommissioned or a system changes, ASM can inform you of the event.  This is done in real-time and on a continuous basis in most cases. I wrote a bog in 2018   when we first introduced Edgescan's ASM solution which has evolved since by including both API discovery and multi-region monitoring. API discovery  locates exposed API endpoints using mult