Attack Surface Management: Why it Matters for Every Organization


By Vincent Thiele, Deputy Chief Information Security Officer, Darktrace

The cyber-world and its risks continue to change. Digital transformation is leading to even bigger and more complex IT infrastructures. The explosion of cloud providers and organizations’ increasing reliance on third-party technology vendors have pushed attack surface management to the fore as the world contemplates its post-pandemic digital landscape.

High-impact attacks are becoming more frequent, with threat actors using more automation, targeting shadow IT, and leveraging new techniques. Meanwhile, nation and industry-wide regulations continue to dictate security standards and IT governance.

Compounding the issue is a serious skills deficit - Red Team security testing is a rare skill, and the process of conducting attacks to test an organization’s weakest points is costly, limited in scope, and imperfect in results.

Moreover, without full knowledge of a business, third-party Red Teamers often cannot identify the true extent of an attack surface. There may be infrastructure, devices, or even other suppliers that exist outside the oversight of the IT or security team and are consequently simply not baked into risk assessment. These assets may also continuously change and get updated as assets are deployed and decommissioned. For accurate attack surface management, a business needs to know what is exposed – and you can’t protect what you don’t know exists.

In the face of skyrocketing cyber-threats, many organizations now recognize that this challenge is no longer human scale – and many are turning to AI to identify risk proactively and autonomously. Darktrace PREVENT/Attack Surface Management (ASM) autonomously monitors an external attack surface, assessing all your assets for risks, high-impact vulnerabilities, and external threats.

Darktrace PREVENT/ASM also works to continuously update its findings in light of new evidence, illuminating emerging threats as soon as they appear rather than a ‘snapshot’ in time. By revealing shadow IT, supply chain risk, potential phishing domains, vulnerabilities and misconfigurations, and risks arising from mergers and acquisitions, Darktrace Attack Surface Management provides an 'outside in' perspective of your organization - which is how an attacker sees your business - allowing organizations to identify potential threats before an attack takes place.

Attack Surface Management forms part of Darktrace’s PREVENT product family. Powered by Self-Learning Al, Darktrace PREVENT delivers total visibility into every digital asset, eliminates blind spots, and hardens defenses, minimizing cyber risk to the organization. Our PREVENT product family also delivers continuous Al-driven insights from an internal perspective, testing pathways of vulnerability and then shoring up defenses to prevent attackers from reaching vital systems and data.

Sustaining Partners