What is Attack Surface Management?
Attack Surface Management: Key Features
A relatively new cyber security problem space with its own definition has been coined since a few years now: Attack Surface Management or ASM. The term can be confusing or vague without spending some time on a clear definition. In cybersecurity there are many ‘surfaces’ that can be attacked. So what surface are we talking about? In cybersecurity, the word ‘attack surface’ is interpreted as the publicly exposed or internet exposed or external exposed IT assets.
Why Microsoft Is Now the Leader in Endpoint Detection
The cybersecurity industry is no stranger to assumptions. It’s the reason why the same established technology providers have been the focus for over a decade. It’s also the reason why Microsoft was historically overlooked as a reliable solution provider in this space.
But that’s all changing now.
Microsoft is serious about security, having invested over $1 billion USD in security development. This has pushed Microsoft to the leading edge of security across many technology areas.
Today, endpoint protection is one of the most obvious areas of improvement. The decades of Windows vulnerabilities and generic antivirus solutions that earned Microsoft its mediocre reputation are over.
For security-focused companies and industries, Microsoft shouldn’t be an afterthought—it should be the first choice.
Winds of change: causes and implications of the SolarWinds compromise
Why is it important to understand the systemic factors driving this sophisticated attack?
SolarWinds did not come out of the blue and should not be regarded as such. It’s the inevitable consequence of a powerful set of systemic factors that collectively produce a climate that is inherently volatile but can still be predicted. While forecasts for a specific day may fail, the general tendency is driven by known forces and systems.
This volatile context currently strongly favours the attacker over the defender. That is not going to change unless the systemic drivers that create it are dealt with. In this case that means confronting and addressing some factors (like a massive investment by governments into computer hacking capabilities) and accepting and adapting to others (like the strong ties of interdependence that lie at the heart of cyberspace, the business ecosystem and indeed society in general).
“Visibility is the bedrock on which security teams operate and a strong packet capture solution provides the network visibility data to enable security teams to prevent, investigate, and remediate security incidents”
This whitepaper from leading cybersecurity analyst firm, TAG Cyber, outlines why always-on, full packet capture is such a critical component of an effective cybersecurity infrastructure and how it aligns with security frameworks such as NIST.
- The benefits and limitations of
- Assessing your cyber threat surface.
- Reducing attackable points in your IT infrastructure.
- What to look for in a modern
cyber security solution.
- The benefits and limitations of
Register for our Free eBook: The Secrets of Hardening Active Directory eBook
Analysis of security vulnerabilities in WordPress ecosystem
WordPress is the most popular content management system in the world, powering 41% of the websites on the whole web. With such a scale, security becomes increasingly important.
In the whitepaper, you will find:
- Complete statistics of all WordPress vulnerabilities
- Top 5 ranking based on vulnerability types
- Top 5 ranking based on OWASP 10
- Active installations of vulnerable plugins
- And much more
IDC Provides a Solution Checklist for Transforming Zero Trust Principles to Reliable Practices
Digital transformation (DX) is creating a highly fragmented, expanding, and dynamic footprint of applications, data, devices, end users, and networks. Implicit trust, unfortunately, is a casualty. Micro-segmentation can operationalize the principles of zero trust and least privilege in balancing risk and business activity.” IDC*
The attack surface that accompanies cloud adoption not only is expanding but also is brimming with change. IDC breaks down the common traits and security challenges that organizations share as they push forward their cloud journeys to boost speed and agility in IT operations.
Zero trust and least privilege principles are critical as the risks of assumed trust are mounting.
Transforming principles to reliable practices is difficult.
Micro-segmentation eases the transformation of principles to reliable practices.
Micro-segmentation solutions vary.
Access the report now to read more about IDC’s solution checklist and recommendations for selecting an optimal micro-segmentation solution.
More Whitepapers in Our Online Library: