Attack Surface Management (ASM)

Attack surface management (ASM) involves systematically identifying, monitoring, and securing all points of an organization’s digital footprint that can potentially be exploited by attackers. An attack surface includes the network endpoints, webpages, APIs, cloud services, and other digital assets that can be accessed externally. 

ASM is a critical component of an organization’s cybersecurity strategy, and reducing the attack surface decreases the risk of unauthorized access and breaches. ASM tools help organizations discover, catalog, and manage their exposure to cyber threats. Organizations should regularly scan for vulnerabilities, evaluate security configurations and access rights, review and update policies, and assess how new technologies or services may grow or alter the attack surface risk.