The importance of attack surface management hit a major milestone this week with the release of a Gartner report titled “Emerging Technologies: Critical Insights for External Attack Surface Management,” a category Gartner calls EASM for short.
As a start-up pioneering a new market and championing a unique vision, it can be a lot of work trying to get the word out. A lot of the time, you do that at a personal level, one customer at a time.
It is very exciting and great validation when chief information security officers (CISOs) purchase and use your product along with their security teams. When they renew their subscription, and buy your product again when they move on to a new company, it is an even better feeling.
And it is also fantastic when market analysts, especially those at Gartner, recognize that they are seeing the market emerge too.
The Critical Insights for External Attack Surface Management report provides advice for both potential buyers and vendors like CyCognito. We wanted to share a copy with everyone who’s interested, but it’s not available for licensing yet. So, if you’re a Gartner subscriber you should check it out! If you’re not, please contact us and we will be happy to discuss our takeaways and share our insights on what we see in the market.
What is Attack Surface Management?
Attack surface management (ASM) is the process of continuously discovering, classifying and assessing the security of all your attacker-exposed IT assets, known and unknown, wherever they are: on-premises, in the cloud, in third-party or partner environments, or in the networks of your subsidiaries. Most solutions assess security using basic proxy measures such as banner grabbing that are incomplete and produce many false positive results.
In contrast, the CyCognito platform is an External Attack Surface Management Solution that delivers attack surface protection by combining the market’s most advanced ASM capabilities with automated multi-factor testing, to discover the paths of least resistance that attackers are most likely to use to compromise organizations.
Again, we’re gratified to see this market validation from Gartner. We believe that EASM should be the foundation of every enterprise security program, and our own approach is something we call attack surface protection, a combination of attack surface management and multi-factor security testing.