Attack Surface Management (ASM) #
Order a scanning of your External or Internal Attack Surface, or let us help build your Vulnerability Management Program, the services we provide are outlined below.
External Attack Surface Management #
Want your Internet Facing systems scanned for Vulnerabilities? Using our own Internet Scanners and Open Source Intelligence we can give you a clear picture of your Security Posture. Our Internet scanners are deployed in EU countries and as soon as we have your approval we can start scanning your internet facing systems for vulnerabilities and create a pragmatic mitigation plan with you, and for you.
Internal Attack Surface Management #
Detecting and controlling the inherent risk of vulnerabilities across all assets with Vulnerability Scanners deployed across your network(s). Our scanner is based on the Greenbone Vulnerability Manager Community Edition and can be deployed on all sizes of networks collecting all vulnerability information centrally. We also offer to collect that information in Elastic, OpenSearch, or Splunk.
Passive Asset and Vulnerability Discovery #
Passive Asset and Vulnerability Discovery is a method of identifying and cataloging the devices and software in a network by monitoring the network traffic and system logs. Unlike active asset discovery, which involves sending requests or probes to the network devices, passive asset discovery does not generate any additional network traffic or impact the network performance. Passive Discovery often provide a more comprehensive and accurate inventory of the network assets, as it can detect devices and software that are not visible or responsive to Active discovery methods. Passive discovery can also help identify potential security risks, such as unauthorized or vulnerable devices and software, by analyzing their network behavior and signatures.
Vulnerability Management Program #
If you need help establishing and running a Vulnerability Management Program we can help you build this from the ground up, ensuring that you are able to address what matters, and not run around like a headless chicken patching everything and anything. We always focus on Known Exploited Vulnerabilities as well as applying the context of the system or service and the actual vulnerability.
ASM’s role in Configuration & Asset Management #
ASM plays a crucial role in configuration and asset management, as it helps to identify and control the risks associated with the various entry points that can be exploited by attackers. By integrating the ASM processes and tools with your Configuration Management Platform, the following value-adds can be realized.
- Previously unknown assets can be identified and brought under control, setting security standards for previously unmanaged OT and IT systems, securely retiring orphaned systems, eliminating rogue assets.
- Complexity and size of your attack surface can be reduced by eliminating unnecessary or redundant assets, ports, services, and protocols.
- Visibility and accuracy of your asset inventory will be improved by continuously scanning and updating the information about the assets, their configurations, dependencies, and vulnerabilities.
- Prioritization and remediation of security issues will be improved by assessing the criticality and exposure of the assets, and applying the appropriate patches, updates, or mitigations.
- The efficiency and effectiveness of the security operations increase by automating the ASM processes and integrating them with other security tools and workflows.