Why EASM Is Foundational For Continuous Threat Exposure Management (CTEM) & Penetration Testing

Why External Attack Surface Management (EASM) is foundational for Continuous Threat Exposure Management (CTEM)

Gartner says “CTEM is defined as a set of processes and capabilities that allows enterprises to continually and consistently evaluate the accessibility, exposure and exploitability of an enterprise’s digital and physical assets. It is composed of phases — scoping, discovery, prioritization, validation and mobilization — and underpinned by a set of technologies and capabilities, of which EASM is one. CTEM is different from risk-based vulnerability management (RBVM) in that the latter is an evolution of traditional vulnerability management, while CTEM is the wider process around operating and governing overall exposure. It includes solving the identified vulnerabilities as well as optimizing processes in the future so that the vulnerabilities do not resurface. 

EASM is foundational to CTEM for two reasons. First, it provides continuous and improved visibility into assets that organizations have less control over, such as SaaS applications and data held by supply chain partners and suppliers. Second, it assesses and prioritizes resources in mitigating/remediating issues that attackers are most likely to exploit and therefore benefits organizations during the first three phases of CTEM: scoping, discovery and prioritization.” Learn more about Continuous Threat Exposure Management or CTEM: A New Security Approach For CISOs.

  • CTEM enables continuous assessment of accessibility, exposure, and exploitability of digital and physical assets
  • CTEM includes phases like scoping, discovery, prioritization, validation, and mobilization
  • EASM is a foundational component of CTEM, offering enhanced visibility into assets like SaaS applications and third-party data
  • EASM helps assess and prioritize resources for mitigating issues most likely to be exploited by attackers during the initial phases of CTEM
  • CTEM differs from risk-based vulnerability management (RBVM) by encompassing broader exposure governance and ongoing optimization processes


Why EASM is foundational for Continuous Penetration Testing 

Gartner says, “EASM can complement penetration testing during the information gathering phase about the target (finding exploitable points of entry). The convergence between penetration testing and EASM will become more prominent as automated penetration testing solutions continue to emerge. 

Most penetration testing performed today is human-driven, outsourced and conducted annually (making it a point-in-time view), which is why the automated penetration testing market has emerged. Although automated penetration testing is an emerging market on its own, some vendors have already added EASM and vice versa. This is because vendors that started in the automated penetration testing market were initially only doing automated network penetration testing and not external testing. Technologies such as EASM, DRPS, BAS and automated penetration testing can collectively provide organizations with a realistic view of the full attack surface within their environment. This lets organizations test what they can or cannot prevent and detect, as well as determine how they would respond in the event of an attack. Therefore, the convergence of these technologies can better support organizations in their CTEM program.” Learn more about Why Is Gartner Talking About External Attack Surface Management (EASM) & Real-Life Attacks.

  • EASM complements penetration testing by aiding in information gathering to identify entry points
  • Automated penetration testing solutions are growing, leading to a convergence with EASM
  • Current penetration testing is largely human-driven, outsourced, and performed annually, providing a point-in-time perspective
  • Automated or continuous penetration testing is emerging due to its ability to provide ongoing assessments
  • Vendors are integrating EASM with automated penetration testing tools to enhance capabilities
  • Technologies like EASM, DRPS, BAS, and automated penetration testing together provide a comprehensive view of an organization's attack surface
  • The convergence of these technologies supports organizations in their CTEM (Continuous Threat Exposure Management) programs
