Skip to main content
RSA Report Landing Page Banner
Solution Brief

The Danger of Subsidiary Sprawl and Unknown Unknowns in External Attack Surface Management.

Read the full report

A banner year for merger & acquisition (M&A) activity means CISOs and security teams have to deal with even more risk across their attack surface. Every merger or acquisition opens up new possibilities for security gaps across subsidiaries, web apps, and unsafe authentication.

Read about the data points we uncovered in reviewing attack surface risk among a sample of organizations over the last twelve months.

What you don’t know can hurt your organization. Download the report to learn the dangers of subsidiary sprawl and other unknowns.


On average, an organization’s attack surface fluctuates by 5.5% every month. This can open up new attack paths into an attack surface and overwhelm an already busy security team.

In order to keep this fluid attack surface secure, it’s important to:

  • Understand the full amount of subsidiaries connected to an organization
  • Make sure web apps are safe from vulnerabilities like unmaintained assets and vulnerable open source JS library - JQuery
  • Examine vulnerabilities surrounding personally identifiable information (PII)
  • Protect against unsafe authentication