Free Book - External Exposure & Attack Surface Management for Dummies
There are as many ways to describe your attack surface as there are vendors who claim to help discover or protect it. Each commercial solution provides varying capabilities tailored to some of the risks they address.
We put together a guide on some of the key capabilities that we have found – through customer feedback as well as RFPs and RFIs – that are most important when thinking about ways to actually protect your data and that of your customers from attackers that are looking for ways into your organization. While some vendors factor in non-network-connected attack paths when considering your attack surface (things like social media accounts and fake mobile apps), the critical things that your security team need to protect are those systems and attack vectors that directly link your networked systems to the internet.