In today's rapidly evolving cybersecurity landscape, the need for comprehensive defense strategies is more critical than ever. External Attack Surface Management (EASM) emerges as a crucial component, offering organizations valuable insights into their external vulnerabilities. In this blog post, we delve into how EASM complements existing security technologies and enhances overall defense posture.
Here is the verbatim discussion:
Resource so highly encourage folks to go and learn about it any thanks Ed for that appreciate it um any anybody BOS T any to add before I throw a few questions maybe if we can get into the question considering we just have five minutes un they just add something no I I think I'm good too so please give to the questions cool um so here's a couple questions and they're from every they're at us from uh from every aspect from a business perspective from a from a technology complement perspective and then from a technical perspective so I'm gonna use the I'm gonna I'm gonna just pick one because this one I like this one I like this one the best how does um external attack surface management uh complement other security Technologies so I like to use the term all the time how do we help leverage total cost of ownership in an environment right is esm going in there to try to replace things or is it something where you can create a technology integration to again where easm can kind of you know I'm an old guy used to these BS BASF used to have a a commercial thing a commercial on TV it was called we don't make your speaker we make it louder so does BM make your speaker louder or does it replace the speaker right so I think it makes it louder but I don't know I'm not anybody answer that how do does es ASM in your mind I'm G to throw this out to tages how would this Tech uh this this type of of of security offering external tech service manag complement other security tools that have been deployed so what I would take and say compare it with something like a Digital Risk protection so if if you look at easm that focuses more on the Discovery aspects that's like because mentioned that primarily more on the Recon side well something like a Digital Risk protection provides you a 360 degree view it also does a takeown but uh esm as it stands uh like Paul you rightly mentioned in the BASF analogy right it's not replacing or it's not U taking away your speaker and creating a new one it's not doing something which has not been done before it's just possibly providing some method to the madness and organizing things uh better so that um we understand that the to treat the external attacks differently and the external assets differently in terms of the risk it brings to the table as compared to the internal so so let me add to that a little bit so the thanks the so um I mean apart from few of the key things which you mentioned esm complements a few few of the aspects like for example it complements the vulnerability Management program because a VM program is as good as the coverage of its assets right if you don't have the coverage of assets then he can't do a good job right so that's one uh the second thing which it brings is the continuity I mean you can do reconnaissance as a con Consulting exercise using team using open source tool but can you do that on an hourly basis can you do that on a daily basis it's not possible right so it complement those programs by giving you the ability to do it on a continuous basis and today if you look at the ransomware guys the the nation state actors they are doing it continuously so we should also do it continuously that's the kind of second area where it compliments uh it also compliments um the red and blue timing organization in a way because it frees up a lot of their like maybe I don't know 80% of their bandwidth in terms of doing those same old stuff so that that can be given to automated tools and they can do those deeper and more complex stuff so it can also augment your red teaming organization um it can also augment the sock like what I mentioned the last time and the ti program so I'm not elaborating on that so esm does a few things are uh which which others don't do in in in certain ways but then it also augments multiple of the those internal Security Programs which are already existing which gives the completeness which helps in the completeness and which also helps in the continuity may not be the depth as Ed mentioned esm is more about the breadth but for depth you need to go for pentesting and the other stuff so it offers or complements many of these programs in terms of breadth of coverage and continuity that's great and by the way Paul I would I know there are some more questions I I have a hard stop so I would let um AED and P yeah I was that was a great I think that was a great way to end I mean I I I think we all have you know I want to be respectful of everybody's time and all the attendees and all of our panelists we very much appreciate everything U you guys were able to do for us today this is very interactive we probably could go for five hours on this thing but then we would all be asleep and eating our arms and stuff like that but uh no uh great job today thank you all very much thank you for the attendees pulami behind the curtain thank you for all of your participation and support we'll see you all next week at the uh.
Highlights:
Enhancing Vulnerability Management: EASM complements traditional vulnerability management programs by providing a broader scope of assets to assess. It ensures that organizations have comprehensive coverage, enabling them to identify and remediate external vulnerabilities effectively.
Continuous Reconnaissance: Unlike periodic assessments, EASM enables continuous reconnaissance of external assets. This proactive approach aligns with the evolving tactics of threat actors, who continuously probe for weaknesses. By conducting regular reconnaissance, organizations can stay ahead of emerging threats and minimize risk exposure.
Augmenting Red and Blue Teaming: EASM frees up resources within red and blue teams by automating repetitive tasks associated with external reconnaissance. This allows teams to focus on more complex security challenges, such as threat hunting and response, thereby enhancing the overall effectiveness of the security operations center (SOC).
Comprehensive Security Strategy: EASM contributes to a holistic security strategy by complementing other security technologies and programs, such as threat intelligence (TI) and digital risk protection (DRP). It provides breadth of coverage and continuity, ensuring that organizations have a robust defense posture against external threats.
As organizations grapple with the evolving threat landscape, the role of EASM becomes increasingly pivotal in strengthening cybersecurity defenses. By providing continuous reconnaissance and comprehensive coverage of external assets, EASM enhances vulnerability management programs, augments red and blue teaming efforts, and contributes to a holistic security strategy. Embracing EASM as part of an integrated defense approach empowers organizations to proactively identify and mitigate external threats, ultimately safeguarding critical assets and data from cyber attacks.
Speakers:
Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to
the cloud.
https://twitter.com/bikashbarai1
https://www.linkedin.com/in/bikashbarai/
Ed Adams, a seasoned software quality and security expert with over two decades of industry experience. As CEO of Security Innovation and a Ponemon Institute Research Fellow, Ed is renowned for his contributions to advancing cybersecurity practices. With a diverse background spanning from engineering for the US Army to senior management positions in leading tech companies, Ed brings a wealth of expertise to the table.
https://www.linkedin.com/in/edadamsboston
Paul Dibello, based in Duxbury, MA, US, is currently a Senior Vice President Global Business Development at ShadowDragon, bringing experience from previous roles at FireCompass, R9B, Virtru Corporation and iSIGHT Partners - A FireEye Company. Paul DiBello holds a 1986 - 1990 Bachelor of Arts (BA) in Economics @ Princeton University. With a robust skill set that includes Software, Sales, Project Management, Development, Operations and more, Paul DiBello contributes valuable insights to the industry.
https://www.linkedin.com/in/pauldibello11
Tejas Shroff based in Boston, MA, US, is currently a Software Engineer at Tangle, bringing experience from previous roles at Aperion Studios, XPO Logistics, Inc., Oculus VR and Beach Day Studios. Tejas Shroff holds a 2019 - 2019 UX Design Immersive in Design & User Experience @ General Assembly. With a robust skill set that includes Leadership, Social Networking, Start Ups, Social Media, Teamwork and more, Tejas Shroff contributes valuable insights to the industry.
Comments