Skip to main content
Item 1 of Infinity
Contact UsSupportPartner LoginLogin
Platform
Solutions
Resources
Company
Item 1 of Infinity
Glossary Definition

Attack Surface Management

BACK

Attack Surface Management

Attack surface management (ASM) is the process of continuously discovering, classifying and assessing the security of your IT ecosystem. The process can be broadly divided into (a) activities performed in managing internet-exposed assets (a process called external attack surface management, or EASM) and (b) management activities on assets accessible only from within an organization. Many organizations use an assortment of tools and manual processes to secure their attack surface, making the process fraught with operational complexity, human error and best-guess analysis.

External attack surface management can be a particularly daunting task due to the presence of “unknown unknowns,” as well as assets housed on partner or third-party sites, workloads running in the public cloud, IoT devices, old, abandoned or deprecated IP addresses and credentials, and more.

To see how CyCognito does EASM, go to this page.

Read More Glossary Terms
RESOURCES
Learn More About Attack Surface Management

Browse our resource center for industry-leading insights and information

Feb 3 | whitepaper-ebookAttack Surface Visibility: Foundation for CybersecuritySimon Spencer
Feb 3 | WebinarThe Top Five Requirements for External Attack Surface ManagementSimon Spencer
Jan 30 | BlogCyCognito named large vendor in Forrester External Attack Surface Management (EASM) reportGreg Delaney
Nov 17, 2022 | BlogRash Of Breaches Hit Businesses In Australia HardTom Spring