Broad asset visibility across your entire external ecosystem
Assess High-Velocity Exploit Impact
Know when and where external assets are impacted by the latest CVE.
Activities Enabled
- Active checking of assets for vulnerability exposure
- Searchable inventory of the technology ecosystem
Real-World Coverage
- Individual checks for products vulnerable to Log4j
- Alignment with NIST National Vulnerability Database (NVD) and CISA’s Known Exploited Vulnerability catalog
Attack Surface Management Benefits
Merger & Acquisition
Know the external security posture and risk being acquired.
Activities Enabled
- Generation of a dynamic list of external assets and systems
- Continuous monitoring
Real-World Applications
- Due diligence assessment
- Post-acquisition integration and migration progress monitoring
Attack Surface Management Benefits
Identify Unsanctioned Resources
Uncover unmanaged or unknown assets as they enter the environment.
Activities Enabled
- Continuous asset discovery and monitoring
- Identification of applications, services, hosts and OS
Real-World Findings
- A developer spun up a new database instance on a personal credit card
- A “decommissioned” marketing landing page was hijacked and reactivated
Subsidiary Monitoring
Gain centralized visibility across the portfolio.
Activities Enabled
- Monitoring for security policy adherence
- Autonomy and tool standardization
Real-World Outcomes
- A higher education institution uplevels every security team at all its satellite campuses
- A private equity company holds each subsidiary accountable to remediation SLAs
Digital Supply Chain Monitoring
Identify the supply chain ecosystem that expands past third- and fourth-party providers.
Activities Enabled
- Up-to-date supply chain vendor inventory for compliance
- Read-only assessments of select supply chain vendors
Real-World Strategies
- Assessments of the external security posture of each vendor and the dependencies that present risk
- Establishment of a supply chain risk management program to proactively monitor every vendor
Working with Attack Surface Management
Working with Attack Surface Management
Inventory
Automatically inventory your extended enterprise – and see what the attacker sees.
Assess
Asset analysis for vulnerability detection, exposure assessment and risk mitigation.
Integrate
Extensive integration and alignment with all your security programs, 3rd party security tools and external repositories.
Manage
Manage changes in the attack surface over time, empowered by Mandiant Threat Intelligence and expertise
Attack Surface Management empowers digital innovation
Comprehensive asset discovery and risk mitigation help enable safe adoption of new technology and processes that speed innovation. You can better protect your perimeter and become more competitive.
Support remote hybrid work
Scale to your environment
Manage cloud computing & shadow IT
Embed governance in workflows
Build supply chain resilience
Extend security policy outside the enterprise
Webinar
Add an Early Warning System to Your Security Environment
Join Jonathan Cran, VP R&E, Attack Surface Management, to understand the cyber security challenges Attack Surface Management (ASM) solves and how it can be easily integrated into any security program.
Webinar
The Power of Automated Discovery for Testing Security Posture
Hear from Mandiant experts Brice Daniels and Chuck Gabriele on how automating aspects of reconnaissance and asset discovery benefits red team engagements and penetration testing.
Explore other Mandiant Advantage Modules
Threat Intelligence
Understand the threats Mandiant sees targeting you and your peers.
Security Validation
Continuously test and understand the effectiveness of your security controls.
Digital Threat Monitoring
Visualize malicious targeting from the open, deep and dark web.
Attack Surface Management FAQ
What is attack surface management?
Attack surface management is an approach to cyber defense that assesses and monitors external and internal assets for vulnerabilities as well as any risk that can potentially impact an organization.
An attack surface management solution continuously discovers and assesses an organization’s assets for vulnerabilities, misconfigurations and exposures.
How does a distributed work force impact attack surface management?
A distributed work force allows employees to access an organization’s network from anywhere, making it harder to enforce security policies and introducing new risks. A security team can use attack surface management to continuously monitor network access and devices, mitigate risk and enforce appropriate security policies.
What is the difference between an attack surface and attack vector?
An attack vector is an exploitable asset in the attack surface. An attack vector can be used by a threat actor for initial compromise.
How does attack surface management reduce attack surfaces?
To reduce the overall attack surface, attack surface management solutions generate an asset inventory and alert the security team to exposed assets that can be targeted for exploitation.
What does an external attack surface management solution do?
An external attack surface management solution performs assets and exposure discovery on internet-facing assets. It continuously assesses them for vulnerabilities and generates and prioritizes issues for the security team to remediate.
What are some attack surface examples?
Examples of attack surfaces include domains, IP ranges, data repositories, websites, servers, email, cloud resources, applications, microservices and employees.
What does the attack surface of a network include?
A network’s attack surface includes any application, device or user that can access the network. Examples include network services, hosts and IP ranges.
Have Questions? Contact Us
Mandiant experts are ready to answer your questions.