Legacy attack surfaces were small and simple. There were fewer servers and endpoints to protect. The tooling required to secure it was basic – perimeter firewalls, antivirus software, and server/network/application monitoring tools. When organizations migrate to the cloud, things change and become complex. For starters, on-premise infrastructure and applications can’t be left out in favor of the cloud. Most organizations run hybrid setups.

Vulnerability management is a major component of any cybersecurity strategy, simply because every vulnerability represents another potential vector through which an organization can be attacked.

When managing an organization’s attack surface, the focus often falls on broad categories like firewalls, endpoints, or software vulnerabilities. Yet, one obvious blind spot is login pages. Login pages are not just entry points for users but potential gateways for attackers. From an EASM point of view, login pages pose important security concerns because of their exposure to the Internet.

Penetration testing, dynamic application security testing (DAST), and attack surface management (ASM) are all strategies designed to manage an organization’s digital attack surface. However, while each aids in identifying and closing vulnerabilities, they have significant differences and play complementary roles within a corporate cybersecurity strategy. Let’s take a quick look at the definition of each of these strategies.

In June 2024, the digital world was rocked by a significant supply chain attack involving Polyfill.io, a JavaScript library that had been a staple in web development for over a decade. Originally designed to ensure compatibility between older browsers and modern web APIs, Polyfill.io became a silent vulnerability when a Chinese company named “Fun Null” acquired the domain in February 2024.

This post is based on ongoing security research – the post will continue to be updated as we get additional information… A critical vulnerability has just been announced in Ivanti’s Virtual Traffic Manager (vTM) that allows unauthenticated remote attackers to create administrator users.

Non-human identities (NHIs) dominate the era of cloud services and SaaS applications. They are the identities that authenticate between different servers, APIs and third party integrations to provide programmatic access to data and services. Non-human identities utilize different protocols, such as OAuth, REST and SSH.

TLDR: The ways that organizations find and fix security exposures have been flawed for years. Traditional vulnerability management (VM) programs have failed to address the core issues. What’s worse, the relatively new category of External Attack Surface Management (EASM) has not solved the problems it aimed to solve. But hope, in the form of Exposure Management, is on the way.

Securing a network against cyber threats requires a thorough understanding of its vulnerabilities. A vulnerability assessment is a detailed process aimed at identifying, evaluating, and ranking potential weaknesses within a network setup. From examining configurations to assessing access controls, this assessment dives deep into every aspect of the network to uncover areas of vulnerability.

External Attack Surface Management, or EASM, empowers organizations to proactively manage and secure their digital presence in an ever-evolving threat landscape. There are two critical EASM processes that this blog post will cover – Asset Discovery and Attack Surface Mapping.