Attack Surface Management: Where is the market going?
As I watched the Log4j situation unfold in December 2022, the importance of IT asset visibility could not have been clearer. So many security and IT teams struggle to maintain much-needed visibility into an increasingly complex and fragmented IT environment, with so much of an organization's estate unknown or unrecognized because of shadow IT, M&A, and third-party/partner activity. Without adequate visibility, it is impossible for a technology group to reach its desired state of application and infrastructure dependency mapping (AIDM). Oh, and you can't apply critical patches to applications and systems you don't know about!
This is where attack surface management comes in
Forrester defines attack surface management (ASM) as "the process for locating, identifying, recording, and assessing the asset exposures of an entity's IT assets." Your attack surface is more than what is accessible from the internet; it is your whole environment, and there is a unique opportunity to extend visibility beyond the external view by integrating ASM tools and processes with security controls, the CMDB, and asset tracking and management platforms, mapping all connections and assets across the enterprise.
Adopters of ASM solutions report increased visibility, time savings, and the ability to prioritize risks. In our research interviews, a security engineer at an EMEA-based used car marketplace said, "[With our ASM tool] we found 50% more assets than we thought we would." And one network security architect at a US-based ISP said, "[ASM] is an essential security control."
Where is the ASM market going?
We have just published research on the ASM market, the key ASM use cases, and the essential ASM integration points in enterprise security programs. While several vendors offer ASM as a stand-alone solution, we are increasingly seeing those stand-alone offerings get acquired (sound familiar?). I believe ASM will be a standard capability of the acquiring platforms within the next 12 to 18 months. The Log4j vulnerability demonstrated this, just as it accelerated the need for open source software management and SBOMs.
Get started with ASM now
We outlined a number of recommendations in our ASM report, but I would like to point out that ASM should be thought of as a tool-enabled program, not just a tool or capability. And it should be used to bring together groups with competing priorities. If your organization is pursuing application and infrastructure dependency mapping as its desired state, aligning the ASM program's goal around greater visibility, and positioning it as a key input to that desired state, unites security, technology, and business leaders and teams in a way that vulnerability risk management and SLAs never could.
Of course, an ASM program should be a fusion or matrix team spanning multiple stakeholders, including infrastructure and operations, application development and delivery, security, risk, compliance, privacy, marketing, social media, and other functions.
This post was written by Principal Analyst Jess Burn and first appeared here.