In the ever-evolving landscape of cybersecurity, Attack Surface Management (ASM) has emerged as a crucial tool for organizations seeking to safeguard their digital assets. However, the journey towards understanding ASM and its significance is often shaped by diverse experiences and insights from cybersecurity professionals. In this blog, we delve into the diverse perspectives and catalysts that have propelled the evolution of ASM, shedding light on its role in mitigating modern security threats.
Here is the verbatim discussion:
Chris: So I think very broad exposure to a lot of different business processes but also many different technologies there, and then I worked through the sysadmin, network engineering, and then transitioned into security just as a natural extension of the work I was doing. But the whole way along this journey, I've always worked in either highly regulated industries, think banking, finance, healthcare, or I've worked in smaller teams, startups, where even if you are a dedicated security person you're still helping out on the network side or on the system side or in the cloud side or in the identity side. You have to pitch in where you can because it's a small org, or if you're working in a highly regulated space, say... Pur is is the search engine for IoT, that's what it was called, I don't know if it's still called that, but essentially, if you're not familiar with Shodan, it's like Google but for internet-connected stuff: cloud resources, webcams, security cameras, whatever ends up on the internet ends up in Shodan, and it fingerprints it. It looks to identify what type of service, maybe manufacturer, what operating systems, etc., and you can go there and you can look for specific versions of OS, hardware, applications that you know are vulnerable, and you can search for it just as easily as you would search for an answer from Google. So I never really considered that as being the catalyst for ASM, but definitely that's a tool set that attackers have had for 10 years.

Bikash: Yes, Chris, yeah, they've absolutely been using it, and I guess you are aware of this. This is very interesting, I didn't notice it for quite some time: a lot of these bug bounty platforms actually get this recon information from whatever be the source, maybe Shodan, maybe elsewhere, and they pass on this intelligence, like "here is this open database, exposed database" or something like that, to the bounty hunters. So the bug bounty platforms are in a way helping the bounty hunters by giving them this intel. I know one of the companies which you could have called an ASM company, but what they're doing is they're giving this feed away to the bounty hunters so that they can do better bounties or whatever, huh? So this information is getting in the hands of the black hats, the white hats, the grey hats, everybody.

Chris: Like you said, it's been democratized, because previously, to do what Shodan does now so easily would require that you've developed the skill set to do that, maybe build scripts and then parse through the data, and it was not easy and it was not trivial. Now it is easy and trivial. So that's Shodan. Censys is another one, C-E-N-S-Y-S, similar, but I think they're starting to put up a paywall for some of their stuff. And to a lesser extent, quickly becoming a greater extent, ChatGPT. This is going to be leveraged much the same way Shodan was. It's gonna go, and while Shodan finds the devices, I imagine ChatGPT is going to then provide context around, well, when was this patch released, and what specific versions, and maybe what was fixed?
Highlights:
Diverse Professional Journeys: The adoption and understanding of ASM are often influenced by the varied professional journeys of cybersecurity professionals. From sysadmin and network engineering roles to transitioning into security, individuals bring a broad exposure to different business processes and technologies. This diverse background equips them with the skills and insights necessary to navigate the complexities of ASM effectively.
The Role of Tools like Shodan: Tools such as Shodan have played a pivotal role in shaping the landscape of ASM. Dubbed the "search engine for IoT," Shodan indexes whatever is reachable on the internet (cloud resources, webcams, security cameras, servers) and fingerprints each service, recording the product, the version and, where it can, the manufacturer or operating system. Because those fingerprints are searchable as easily as a Google query, anyone can pull up every exposed instance of a specific vulnerable version. That makes Shodan a resource for attackers and defenders alike: the same query an attacker runs to find targets is the one an ASM program should be running first against its own address space.
Democratization of Threat Intelligence: Reconnaissance data that once required custom scripts and skill to collect is now available to anyone, which further underscores the significance of ASM. As the discussion notes, bug bounty platforms take reconnaissance information, including data from Shodan, and pass it to bounty hunters as leads such as an exposed database, so the same intelligence reaches black hats, white hats and grey hats alike. Censys offers similar data, though increasingly behind a paywall. The speakers also expect ChatGPT to be used alongside these tools: where Shodan finds the devices, a language model can add context such as when a patch was released, which versions it covers and what it fixed, compressing the time from discovery to exploitation, and, for defenders, from discovery to remediation.
As the cybersecurity landscape continues to evolve, ASM remains at the forefront of organizations' defense strategies. The diverse experiences and insights of cybersecurity professionals, coupled with the proliferation of threat intelligence platforms and emerging technologies, have propelled the evolution of ASM. By embracing ASM as a proactive approach to identifying and mitigating security risks, organizations can enhance their resilience in the face of evolving threats. As we navigate the complexities of cybersecurity, ASM stands as a testament to the collective efforts of cybersecurity professionals in safeguarding digital assets and mitigating risks effectively.
Speakers:
Chris Ray, a seasoned professional in the cybersecurity field, brings a wealth of experience from small teams to large financial institutions, as well as industries such as healthcare, financials, and tech. He has acquired an extensive amount of experience advising and consulting with security vendors, helping them find product-market fit as well as deliver cyber security services.
Bikash Barai is credited for several innovations in the domain of network security and anti-spam technologies and holds multiple patents at the USPTO. Fortune recognized Bikash among India's Top 40 Business Leaders under the age of 40 (Fortune 40-under-40). Bikash is also an active speaker and has spoken at various forums such as TiE, RSA Conference USA and TEDx.
Earlier he founded iViZ, an IDG Ventures-backed company that was later acquired by Cigital and is now part of Synopsys. iViZ was the first company in the world to take ethical hacking (or penetration testing) to the cloud.