External Attack Surface Management (EASM) is a crucial component of Attack Surface Management (ASM). It focuses on discovering and assessing potential vulnerabilities and security weaknesses within an organization's internet-facing infrastructure. EASM and ASM are integrated with our vulnerability management platform, so discovered assets can be automatically assessed to find vulnerabilities.
Discover & identify your external attack surfaces
For each type of asset, there are multiple automated methods available to identify, monitor, and assess them for potential vulnerabilities.
Network assets
Run discovery scans of your external networks to ensure you have identified all internet-facing assets (systems/servers, computers, IoT, and other devices). You can use the external scan resources (cloud scanners) from Holm Security to simulate visibility and accessibility across your networks. The scan automatically adds discovered assets to your asset groups (tags), and from this point, they can be automatically assessed for vulnerabilities.
- Required product for asset discovery and monitoring: System & Network Security
- Required product for assessment: System & Network Security
Learn more about utilizing discovery scans to quickly identify active network assets
Web assets
When a network scan identifies a host running an internet-facing web service, the host is automatically marked as ready to be added to the catalog. All web surfaces in the catalog can be added as web application assets and scanned with our web application scanner.
- Required product for asset discovery and monitoring: System & Network Security
- Required product for assessment: Web Application Security
Learn more about incorporating web services found by network scans into web scans
Domain asset discovery
The domain asset discovery feature can help you discover domain assets you were unaware of. It automatically checks for subdomains (e.g., server-1.yourdomain.com) on the Internet that match your domains. Discovered domains can then be added automatically to your assessments to find vulnerabilities.
- Required product for asset discovery and monitoring: System & Network Security
- Required product for assessment: System & Network Security and Web Application Security
Learn more about how to set up domain asset discovery
Cloud-native assets
Easily monitor all your internet-facing cloud-native assets and automate the detection of misconfigurations. supported vendors include:
- Microsoft Azure
- Amazon Web Services (AWS)
- Google Cloud
- Oracle Cloud
Learn more about how to assess your cloud-native platforms
Inventory & classification
Establishing and regularly updating a comprehensive inventory of assets while e categorizing them according to their associated risks and levels of exposure.
It's important to continuously evaluate newly discovered assets. External assets, which are the most exposed assets in your environment, should always be incorporated into regular assessments.
Becoming familiar with the tagging feature is highly advisable, as it provides valuable insights into your complete asset inventory. Tags play a crucial role in organizing and managing assets, and much of this process can be automated using tag rules. Additionally, assets identified under specific conditions will be marked as Internet-facing, enhancing your visibility of potential vulnerabilities.
Learn more and start creating tags
Risk analysis
Evaluating the risk linked to each asset involves analyzing its level of exposure and the potential consequences of its compromise. After a vulnerability assessment is conducted on each asset, a risk score is automatically assigned based on various criteria. This sophisticated risk-scoring system simplifies the process of prioritizing assets, allowing organizations to focus on the most critical assets.
You can read more about how the risk score is calculated here
Benchmark your risk score against others
Through the industry benchmark widget, you can compare your account risk score performance to others in the same industry and globally.
Monitoring & management
Continuously monitor the external attack surface for changes and emerging threats and take steps to manage and reduce risks. Several features help you continuously monitor how your environment develops over time. Once you have started gathering data, these are some features you can use to continuously monitor.
Dashboards
The dashboard can help you visualize your data; dozens of customizable widgets are relevant for tracking how the environment develops over time, both from an asset perspective and from vulnerabilities, including risk scores.
Continuous monitoring
Create your own dedicated monitoring profiles to be alerted to specific events. Want to be notified if someone sets up a new web server in your environment? This is the perfect feature to instantly find out.
How do I get started with continuous monitoring?
Vulnerability manager
Create filters and selections to easily find information about specific vulnerabilities affecting your assets. Mitigate risk by following the remediation advice given for every vulnerability found.