See if you are exposed to attackers, and what you need to do next

Watch Jonathan Cran, VP of Research & Engineering, demo how Attack Surface Management discovers external assets and identifies the exposures on them, enabling security teams to uncover shadow IT, remove sprawl, reduce exposure risk, and monitor and enforce security policies.

Improvement of Cyber Resiliency

Monitor Cloud Check

Assess High-Velocity Exploit Impact

Know when and where external assets are impacted by the latest CVE.

Activities Enabled

  • Active checking of assets for vulnerability exposure
  • Searchable inventory of the technology ecosystem

Real-World Coverage

  • Individual checks for products vulnerable to Log4j
  • Alignment with NIST National Vulnerability Database (NVD) and CISA’s Known Exploited Vulnerability catalog

Network cloud

Merger & Acquisition

Know the external security posture and risk being acquired.

Activities Enabled

  • Generation of a dynamic list of external assets and systems
  • Continuous monitoring

Real-World Applications

  • Due diligence assessment
  • Post-acquisition integration and migration progress monitoring

Network forensics

Identify Unsanctioned Resources

Uncover unmanaged or unknown assets as they enter the environment.

Activities Enabled

  • Continuous asset discovery and monitoring
  • Identification of applications, services, hosts and OS

Real-World Findings

  • A developer spun up a new database instance on a personal credit card
  • A “decommissioned” marketing landing page was hijacked and reactivated


Cloud Network

Subsidiary Monitoring

Gain centralized visibility across the portfolio.

Activities Enabled

  • Monitoring for security policy adherence
  • Autonomy and tool standardization

Real-World Outcomes

  • A higher education institution uplevels every security team at all its satellite campuses
  • A private equity company holds each subsidiary accountable to remediation SLAs

Lock network

Digital Supply Chain Monitoring

Identify the supply chain ecosystem that expands past third- and fourth-party providers.

Activities Enabled

  • Up-to-date supply chain vendor inventory for compliance
  • Read-only assessments of select supply chain vendors

Real-World Strategies

  • Assessments of the external security posture of each vendor and the dependencies that present risk
  • Establishment of a supply chain risk management program to proactively monitor every vendor
Attack Surface Management

Purpose-built to support dynamic, distributed IT and the most demanding security teams

Legacy attack surface tools designed before the cloud era support static work locations and a limited set of devices and applications running behind a network firewall. Attack Surface Management has the following advantages:

Map your environment

Create comprehensive visibility through asset mapping 

Discover assets and cloud resources using 250+ pre-built integrations and techniques. Identify partner and third-party relationships. Examine asset composition, technologies and configurations in the wild.

Monitor your assets

Know when assets change to stay ahead of the threat

Monitor your infrastructure in real time to detect changes and exposures. Build a safety net for cloud adoption and digital transformation.

Manage your risk

Empower security operations to mitigate real-world threats

Automatically apply Mandiant expertise and intelligence to your attack surface. Know what’s vulnerable, misconfigured, and exposed.

What Makes Us Different

Why Mandiant Advantage Attack Surface Management?


Asset Types Categorized

Broad asset visibility across your entire external ecosystem


Vulnerabilities Covered

Active and passive checks to confirm vulnerabilities, misconfigurations and exposure


Data Source Integrations

Automatically leverage discovery techniques and enrich assets

Attack surface management is a strategic approach to cyber defense

It has rapidly become a top enterprise priority because massive adoption of cloud, SaaS and mobile across a distributed workforce means an expanding, evolving and changing attack surface subject to an increasing number of sophisticated threats.

More code in more places

The explosion of cloud, SaaS, containers and microservices means more applications in more locations, each with unique security requirements and vulnerabilities.

So many devices, so little time

Employees are relying on mobile devices to perform their work. Organizations are adopting IoT devices and sensors to collect and exchange data.

Employees drive business operation practices

Any employee can introduce any of these elements - cloud, SaaS, mobile devices, random data storage - to the work environment with minimal governance.

Business relationships share assets and risk

Partners and supply chain vendors share responsibility for assets and are the target of highly sophisticated threat actor campaigns.


Attack Surface Management empowers digital innovation

Comprehensive asset discovery and risk mitigation help enable safe adoption of new technology and processes that speed innovation. You can better protect your perimeter and become more competitive.


  • Support remote hybrid work
  • Scale to your environment
  • Manage cloud computing & shadow IT
  • Embed governance in workflows
  • Build supply chain resilience
  • Extend security policy outside the enterprise
Jonathan Cran Headshot

Add an Early Warning System to Your Security Environment

Join Jonathan Cran, VP R&E, Attack Surface Management, to understand the cyber security challenges Attack Surface Management (ASM) solves and how it can be easily integrated into any security program. 

Brice Daniels

The Power of Automated Discovery for Testing Security Posture

Hear from Mandiant experts Brice Daniels and Chuck Gabriele on how automating aspects of reconnaissance and asset discovery benefits red team engagements and penetration testing.

Explore other Mandiant Advantage Modules

Threat Intelligence

Threat Intelligence

Understand the threats Mandiant sees targeting you and your peers.

Security Validation

Security Validation

Continuously test and understand the effectiveness of your security controls.

Digital Threat Monitoring

Automated Defense

Visualize malicious targeting from the open, deep and dark web.

Attack Surface Management FAQ

What is attack surface management? expand_more

Attack surface management is an approach to cyber defense that assesses and monitors external and internal assets for vulnerabilities as well as any risk that can potentially impact an organization.

An attack surface management solution continuously discovers and assesses an organization’s assets for vulnerabilities, misconfigurations and exposures.

How does a distributed work force impact attack surface management? expand_more

A distributed work force allows employees to access an organization’s network from anywhere, making it harder to enforce security policies and introducing new risks. A security team can use attack surface management to continuously monitor network access and devices, mitigate risk and enforce appropriate security policies.

What is the difference between an attack surface and attack vector? expand_more

An attack vector is an exploitable asset in the attack surface. An attack vector can be used by a threat actor for initial compromise.

How does attack surface management reduce attack surfaces? expand_more

To reduce the overall attack surface, attack surface management solutions generate an asset inventory and alert the security team to exposed assets that can be targeted for exploitation.

What does an external attack surface management solution do? expand_more

An external attack surface management solution performs assets and exposure discovery on internet-facing assets. It continuously assesses them for vulnerabilities and generates and prioritizes issues for the security team to remediate.

What are some attack surface examples? expand_more

Examples of attack surfaces include domains, IP ranges, data repositories, websites, servers, email, cloud resources, applications, microservices and employees.

What does the attack surface of a network include? expand_more

A network’s attack surface includes any application, device or user that can access the network. Examples include network services, hosts and IP ranges.

Have Questions? Contact Us

Mandiant experts are ready to answer your questions. 

Jump To