« Previous 1 2 3 4
ASM tools and strategies for threat management
Choose Your Armor
Conclusions
Keeping an eye on all areas of attack. The Nibelungs found this out to their own downfall. You can take some warnings from the Song of the Nibelungs that still apply today. The most dangerous attackers are people like Hagen von Tronje, who proceed with patience and thorough planning; today, this approach would be referred to as APT. The attacker is even more dangerous if they have detailed knowledge of attack surfaces – not least through carelessly disclosed internal information. Finally, the murder of Siegfried shows that exploiting even a small security vulnerability can have fatal consequences if the attacker exhibits determination and purpose.
Software solutions and SaaS offerings for attack surface management can support the defense team in their task. According to experts, ASM tools are particularly effective in large, confusing, and constantly changing IT landscapes and are helpful when you can no longer see the trees for the leaves, because they make it easier for security teams to gain an overview and set priorities promptly to close the most critical gaps as quickly as possible.
ASM can also play a role in industrial environments – at least if the industrial network is open to the Internet in the scope of Industry 4.0 or smart factory initiatives. Although cyber risk management is required by law (e.g., in NIS2), ASM is not. However, any company that becomes aware of attack surfaces as part of its risk management must respond. After all, you do not want potential attackers to find an attractively large target.
Infos
- "Attack Surface Management" by O. Celik and J. Tolbert, KuppingerCole Analysts AG, September 2023, https://www.kuppingercole.com/research/lc81218/attack-surface-management
- "Forrester's New Research On Attack Surface Management" by Jess Burn, Forrester Research Inc., January 2022, https://www.forrester.com/blogs/announcing-forresters-new-research-on-attack-surface-management-asm/
- External attack surface management, Gartner Peer Insights: https://www.gartner.com/reviews/market/external-attack-surface-management
- Stefan Strobel: https://cirosec.de/en/news/author/stefanstrobel/
- Google threat intelligence: https://cloud.google.com/security/products/threat-intelligence
« Previous 1 2 3 4
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
- Malware Remains Top Cause of Cybersecurity Incidents
-
Security and automation with SBOMs
Already mandatory in the United States and recently approved in Europe thanks to new legislation, a software bill of materials provides information about software components, enabling IT managers to respond better to attacks and vulnerabilities. -
News for Admins
WhiteSource Releases Free Log4j Detection Tool
-
Purdue Model for industrial networking
The Purdue Model maps the challenges of networking industrial systems to five levels, helping to target and mitigate risk and address vulnerabilities. We look at the Purdue Model in detail, investigate an implementation tool, and explain the role of zero trust. -
Targeted attacks on companies
Watering hole and spear phishing targeted attacks offer the greatest rewards to cybercriminals. Here's how to protect your company from these types of attacks.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
