External Attack Surface Management
The key to it is being able to have visibility to this information and using it to understand your risks and provide enough intelligence to prioritise remediation. If EASM was a Venn diagram, we would consider it to have four over-lapping circles and those areas would be:
Discovery
To be able to monitor any of your assets, you need to know what you have. This includes anything that you display to the internet.
Vulnerability Assessment
The vulnerability landscape is constantly changing, so once you’ve determined your assets, you must continually check for vulnerabilities.
Threat Intelligence
This provides relevant information pertaining to threats that may impact you. For example, a new CVE may be released, this will be flagged and if it relates to any asset that is within your inventory. Additionally, we can tag the darkweb, deep web and clear web to understand whether any credentials relating to the business have been leaked.
People
People are often referred to as the weakest link, we can determine how susceptible you are to certain threats, such as phishing. Additionally, you can monitor C-level staff to understand how they are profiled by threat actors and to understand what information relates to them and how that is a risk to the business. We can monitor whose details have been leaked.