Why Gartner is Calling External Attack Surface Management (EASM) a Critical Functionality
External Attack Surface Management (EASM) tools are not new, but only this year has Gartner named this category as a top trend to keep an eye on in 2022. So, why does the top research & consulting firm think its time has come?
The main reason is the relentless expansion of the digital footprint of most enterprises.
As IT environments become increasingly complex, organizations have to continually identify – and address – new security risks. The hybrid work model, along with a steady stream of cloud-based and on-premises applications, are constantly introducing new attack surfaces and changes to existing attack surfaces. Any addition to this footprint – no matter how small or seemingly inconsequential – can weaken an organization’s security controls and data protection efforts.
As we all know by now, all it takes is one vulnerability to lead to a breach. If an attacker manages to exploit a single blind spot, it can result in a complicated – and costly – incident.
One way that security professionals are streamlining their efforts is by leveraging External Attack Surface Management (EASM) tools, which help visualize their entire external attack surface. While it’s not a standalone measure, EASM goes a long way in helping organizations get a more complete picture of their environment – making it one of the leading cybersecurity trends for 2022.
What is EASM?
EASM is a way to discover and document external-facing assets that may be potential breach-points into an organization’s network. Specifically, EASM helps organizations gain more visibility into the applications, cloud services, and systems that are visible in the public domain – which therefore may also be visible to an attacker. From there, security teams can reduce misconfigurations, improve the setup of their systems, and reduce unnecessary exposure.
When paired with vulnerability assessments and threat intelligence – EASM can help security teams prioritize the most critical measures for mitigation. To that end, it can also play a role in:
● Cloud security and governance
● Data leakage detection
● Third-party security monitoring
● Subsidiary security monitoring
● Cyber insurance due diligence
Because of these critical capabilities, Gartner has named EASM one of their top security trends for 2022.
EASM as Part of an Integrated Security Program
EASM offers considerable value, but the knowledge of an asset alone doesn’t ensure it’s secure. Security leaders must understand their vulnerabilities and think one step further to their exploitability, evaluating what an attacker might be able to discover on the organization’s attack surface and accomplish if they were able to infiltrate a weakened network. As a result, EASM should be paired with other security measures for comprehensive risk management.
By visualizing the entire attack surface, internal and external, security teams will be able to better test controls to know their real risk at any given time and prioritize accordingly.
A Consolidated Approach to Security Validation
Rather than managing EASM, penetration testing, Breach & Attack Simulation, and other complementary efforts separately, best-in-class organizations are consolidating their efforts through Automated Security Validation (ASV). This provides continuous testing and evaluation of all organizational security layers, while emulating the potential impact of a real attack by using a variety of tools in order to get to the organization’s crown jewels. The ASV approach contextualizes these findings by understanding the exploitability of each gap. As every organization knows, knowledge is power and the more information an attacker collects, the greater the exposure in the event of a breach.
As vulnerabilities are identified, organizations can get a head start on remediation, focusing their efforts on gaps that carry the most business impact. Not only will they know where they stand at any given moment, but can also create tailored action plans that support their true exposure status.
Learn More about Automated Security Validation
As you build your security program, we’re here to help. Download your complimentary copy of the Innovation Insight for Attack Surface Management to learn more about EASM, exposure management and other emerging security trends.
Despite major investments in their security suites, organizations continue to be breached. Our Co-founder and CTO, Arik Liberzon, recently sat down with CyberNews to discuss the value of the adversarial perspective and where his inspiration from Pentera came from. Starting out, I arrived at the idea for Pentera and Automated Security Validation in a pretty...
In this post, we will examine one method of encrypting data-at-rest, specifically how to achieve Data-at-Rest Encryption for MongoDB Community Edition (CE) containers through eCryptfs. Introduction Our goal at Pentera was to implement a solution that prevents data discovery upon theft when the system is offline (e.g. if a host is stolen or someone is...
After CentOS 8 was declared end-of-life (EOL), we had to find an alternative operating system (OS) for our on-premise solution, as did many other teams and organizations. Although our deployment is container-based, we still had to prepare the groundwork for different OS areas, from security patches and network modifications to installing required packages. We had...