
In today's rapidly evolving cybersecurity landscape, organizations face constant challenges in managing their external attack surface and mitigating potential risks. One approach gaining prominence is External Attack Surface Management (EASM), which encompasses reconnaissance, discovery, and continuous testing of digital assets. This blog explores the evolution of EASM, its integration with other security tools, and its role in maximizing cybersecurity resilience.


Here is the discussion:

...of the world that you live in every day, right? Security Innovation, NT Data, you have a lot of large clients, you do a lot of services engagements as it relates to cyber exercises, both from a training and from a security assessment, penetration testing standpoint, all of the old monitors that have new kinds of things you have to keep up with, because you have to try to stay ahead of the bad guys, right? And gals. So what are your thoughts, what are you seeing with your customer base as it relates to... OK, so I think we've beaten the concept of surface management, external attack surface management, to death, right? So it's about reconnaissance, it's about recovery, it's about discovery, it's about asset inventory, and it's about doing that continuously, because things are changing every day. What are your thoughts about taking that from what we've seen over the past number of years, some really good ASM, EASM products out there, to the concept of continuous testing as well? That's a biggie, right? And I'm using the word testing to be very generic on purpose: there's testing, there's red teaming, there's attacking, which again is the big red button that everybody's been afraid of forever. What are your thoughts on the evolution there? What are your clients saying to you about this kind of thing?

Yeah, so what I see as a growing trend, I do see things like attack simulation, hitting that big red attack button. I do think that's a natural extension for some of these EASM platforms. EASM is sometimes confused with BAS, or breach and attack simulation, but it should not be. Breach and attack simulation does not do that kind of scanning and reporting; what it does is continuous testing of security controls by automating simulated attacks, using techniques similar to those found in the MITRE ATT&CK framework, which I think we're going to be talking about a little bit later on. But BAS deployments historically are much more complex; they usually require some type of agent, or maybe multiple agents, to be installed in the corporate network, and BAS is still pretty immature in terms of its value versus other existing methods like internal vulnerability scanning and penetration testing. So I think the value of BAS in and of itself is still to be determined, and I see it being consumed within an attack surface management type of platform, maybe starting from the outside and then expanding naturally internally. I still think that attack surface management has a very, very long runway. Most of our clients still cannot accurately say how many assets they have, and it does change every single day. So we're presently trying to sell them on the concept of not just attack surface management but that perpetual, continuous, automated kind of red teaming, and the value of it. Let me put it this way: your infrastructure and endpoints are being tested continuously; your choice is whether you want to do it as well, because someone is already doing it, guaranteed. So I definitely see the trend of these platforms kind of merging, and I think EASM will eventually, might, morph into ASM and cons.

Right, so I think it makes it louder, but I don't know that anybody can answer that. How does EASM, in your mind, and I'm going to throw this out to Tejas, how would this type of security offering, external attack surface management, complement other security tools that have been deployed?

Well, so what I would take and say is compare it with something like digital risk protection. So if you look at EASM, that focuses more on the discovery aspects; like Bikash mentioned, that's primarily more on the recon side. Something like digital risk protection provides you a 360° view; it also does takedowns. But as it stands, like Paul, you rightly mentioned in the BF analogy, it's not replacing or taking away your speaker and creating a new one; it's not doing something which has not been done before. It's just possibly providing some method to the madness and organizing things better, so that we understand to treat the external attacks differently and the external assets differently.


Highlights:

Evolution of EASM:

  • EASM encompasses reconnaissance, discovery, and continuous testing of an organization's external digital footprint.
  • Traditionally, EASM focused on asset inventory and vulnerability assessment, but it has evolved to include continuous automated red teaming (CART) and continuous automated security testing (CAST).
  • Most organizations still cannot say accurately how many external assets they own, and that inventory changes every day; this is why discovery has to run continuously rather than as a point-in-time exercise.
  • The objective is to provide organizations with comprehensive visibility into their external attack surface, enabling proactive threat mitigation and incident response.

Complementing Security Tools:

  • EASM complements existing security tools such as Digital Risk Protection (DRP): EASM concentrates on reconnaissance and discovery of external assets, while DRP provides a broader 360° view of digital risk and also performs takedowns.
  • Neither replaces the other. EASM's contribution is method and organization: treating external assets and external attacks as a distinct class to be inventoried, prioritized and tested.
  • By integrating EASM with DRP and other security solutions, organizations can achieve a holistic cybersecurity posture that addresses both external and internal threats.

Continuous Testing and Automation:

  • Continuous testing is a key component of EASM, allowing organizations to simulate attacks, assess security controls, and identify vulnerabilities as the external footprint changes.
  • Breach and attack simulation (BAS) is sometimes confused with EASM but is a separate discipline: it continuously tests security controls by automating simulated attacks with ATT&CK-style techniques rather than scanning and reporting on assets, usually requires one or more agents inside the corporate network, and its value relative to internal vulnerability scanning and penetration testing is still being established.
  • Automation plays a crucial role in EASM, enabling organizations to streamline reconnaissance, data acquisition, and threat analysis processes.
  • By leveraging automation, organizations can proactively identify and remediate security gaps, reducing the risk of data breaches and cyberattacks.
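The continuous discover-inventory-test loop described under "Evolution of EASM" and "Continuous Testing and Automation" above, as an added example that is not code from the original page or from any speaker's product. It diffs two snapshots of externally discovered exposures (host, IP, port, service), flags discovered hosts missing from the asset register (the "we cannot say how many assets we have" problem), and checks each exposure against an internet-edge policy so that the test step runs on every new discovery. All hostnames, addresses, ports, the register and the policy are constructed for illustration; in practice the snapshots would be fed from certificate transparency logs, passive DNS and port scans.

```python
# Added example, not code from the original page or any speaker's product:
# one iteration of a continuous external attack surface check.
# Everything below (hosts, IPs, ports, register, policy) is constructed.
from dataclasses import dataclass
from typing import FrozenSet, Set, Tuple


@dataclass(frozen=True)
class Exposure:
    """One externally reachable service, as the discovery stage reports it."""
    host: str
    ip: str
    port: int
    service: str


# Constructed snapshot from the previous discovery run.
YESTERDAY: FrozenSet[Exposure] = frozenset({
    Exposure("www.example.com", "203.0.113.10", 443, "https"),
    Exposure("www.example.com", "203.0.113.10", 80, "http"),
    Exposure("vpn.example.com", "203.0.113.20", 443, "https"),
    Exposure("legacy.example.com", "203.0.113.30", 21, "ftp"),
})

# Constructed snapshot from today's run: one host went away, two appeared.
TODAY: FrozenSet[Exposure] = frozenset({
    Exposure("www.example.com", "203.0.113.10", 443, "https"),
    Exposure("www.example.com", "203.0.113.10", 80, "http"),
    Exposure("vpn.example.com", "203.0.113.20", 443, "https"),
    Exposure("dev-db.example.com", "198.51.100.5", 3306, "mysql"),
    Exposure("staging.example.com", "198.51.100.6", 3389, "rdp"),
})

# Constructed asset register: what the organisation believes it owns.
ASSET_REGISTER: FrozenSet[str] = frozenset({
    "www.example.com", "vpn.example.com", "staging.example.com", "legacy.example.com",
})

# Constructed exposure policy: the only ports allowed on the internet edge.
ALLOWED_PORTS: FrozenSet[int] = frozenset({80, 443})


@dataclass
class Report:
    new: Set[Exposure]            # appeared since the last run
    removed: Set[Exposure]        # gone since the last run (check for dangling DNS)
    unregistered_hosts: Set[str]  # discovered, but the register does not know them
    violations: Set[Exposure]     # exposures the edge policy forbids


def diff_snapshots(prev: FrozenSet[Exposure],
                   curr: FrozenSet[Exposure]) -> Tuple[Set[Exposure], Set[Exposure]]:
    """Return (new, removed) exposures between two discovery runs."""
    return set(curr - prev), set(prev - curr)


def unregistered_hosts(curr: FrozenSet[Exposure], register: FrozenSet[str]) -> Set[str]:
    """Hosts the scanner found that the asset register does not list."""
    return {e.host for e in curr} - set(register)


def policy_violations(curr: FrozenSet[Exposure], allowed: FrozenSet[int]) -> Set[Exposure]:
    """Exposures whose port is not on the internet-edge allowlist."""
    return {e for e in curr if e.port not in allowed}


def priority(e: Exposure, register: FrozenSet[str], allowed: FrozenSet[int]) -> str:
    """Rank an exposure: an unknown host on a forbidden port is what nobody is watching."""
    unknown = e.host not in register
    forbidden = e.port not in allowed
    if unknown and forbidden:
        return "critical"
    if forbidden:
        return "high"
    if unknown:
        return "medium"
    return "info"


def run_check(prev: FrozenSet[Exposure], curr: FrozenSet[Exposure],
              register: FrozenSet[str], allowed: FrozenSet[int]) -> Report:
    """One iteration of the loop: discover (snapshots), diff, inventory-check, test."""
    new, removed = diff_snapshots(prev, curr)
    return Report(new, removed, unregistered_hosts(curr, register),
                  policy_violations(curr, allowed))


if __name__ == "__main__":
    report = run_check(YESTERDAY, TODAY, ASSET_REGISTER, ALLOWED_PORTS)
    for e in sorted(report.new, key=lambda x: (x.host, x.port)):
        print(f"NEW      {priority(e, ASSET_REGISTER, ALLOWED_PORTS):8} {e.host}:{e.port} ({e.service})")
    for e in sorted(report.removed, key=lambda x: (x.host, x.port)):
        print(f"REMOVED  {'':8} {e.host}:{e.port} ({e.service})")
    for h in sorted(report.unregistered_hosts):
        print(f"UNREGISTERED host {h}")
```

Run as a scheduled job, the previous run's snapshot becomes `prev` and today's becomes `curr`, so the diff only ever surfaces what changed since the last pass. The `removed` set deserves its own follow-up: a host that disappears from the scan but still has a DNS record is a subdomain-takeover candidate, so removal is a finding to verify, not a finding to close.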

Maximizing Cybersecurity Resilience:

  • EASM empowers organizations to maximize cybersecurity resilience by proactively managing their external attack surface.
  • By adopting a proactive approach to threat detection and mitigation, organizations can minimize the impact of cyber threats and safeguard their digital assets.
  • Collaboration between EASM providers, security vendors, and cybersecurity professionals is essential to stay ahead of emerging threats and evolving attack techniques.


As cyber threats continue to evolve, organizations must prioritize the management of their external attack surface to maximize cybersecurity resilience. EASM offers a comprehensive approach to reconnaissance, discovery, and continuous testing, complementing existing security tools and enhancing threat detection and mitigation capabilities. By integrating EASM into their cybersecurity strategy, organizations can proactively identify and mitigate external threats, safeguarding their digital assets and maintaining a strong security posture in today's dynamic threat landscape.

Speakers:


Bikash Barai is credited with several innovations in network security and anti-spam technologies and holds multiple patents with the USPTO. Fortune recognized Bikash among India's Top 40 Business Leaders under the age of 40 (Fortune 40-under-40). Bikash is also an active speaker and has spoken at forums such as TiE, RSA Conference USA and TEDx. Earlier he founded iViZ, an IDG Ventures-backed company that was later acquired by Cigital, now part of Synopsys. iViZ was the first company in the world to take ethical hacking (penetration testing) to the cloud.

https://twitter.com/bikashbarai1

https://www.linkedin.com/in/bikashbarai/


Ed Adams is a seasoned software quality and security expert with over two decades of industry experience. As CEO of Security Innovation and a Ponemon Institute Research Fellow, Ed is known for his contributions to advancing cybersecurity practices. With a background spanning engineering for the US Army and senior management positions in leading technology companies, Ed brings a wealth of expertise to the discussion.

https://twitter.com/appsec

https://www.linkedin.com/in/edadamsboston


Paul DiBello, based in Duxbury, MA, US, is currently Senior Vice President, Global Business Development at ShadowDragon, bringing experience from previous roles at FireCompass, R9B, Virtru Corporation and iSIGHT Partners (a FireEye company). He holds a Bachelor of Arts (BA) in Economics from Princeton University (1986-1990). With a skill set that includes software, sales, project management, development and operations, Paul contributes valuable insights to the industry.

https://www.linkedin.com/in/pauldibello11


Tejas Shroff, based in Boston, MA, US, is currently a Software Engineer at Tangle, bringing experience from previous roles at Aperion Studios, XPO Logistics, Inc., Oculus VR and Beach Day Studios. He completed a UX Design Immersive in Design & User Experience at General Assembly in 2019. With a skill set that includes leadership, social networking, start-ups, social media and teamwork, Tejas contributes valuable insights to the industry.

https://www.linkedin.com/in/tejasshroff
