NetSPI introduced Attack Surface Management to help secure the expanding, global attack surface. The platform delivers continuous pentesting backed by NetSPI’s global security testing team to help organizations inventory known and unknown internet-facing assets, identify exposures, and prioritize critical risks to their business.
According to Gartner‘s Emerging Technologies: Critical Insights for External Attack Surface Management report, analysts recommend attack surface management implementation “as part of a broader, enterprise-wide vulnerability and threat management effort, where known and unknown risks, vulnerabilities and assets are handled as part of a concerted and integrated strategy.”
Attack Surface Management is a core component of NetSPI’s Penetration Testing as a Service (PTaaS) delivery model. It complements the company’s established Penetration Testing and Adversary Simulation technology-powered services to provide a full suite of offensive security solutions for its customers.
“You don’t know what you don’t know, and what you don’t know can hurt you,” said Travis Hoyt, Chief Technology Officer at NetSPI. “What we have built here is a comprehensive solution to shadow IT and asset management challenges. Attack Surface Management provides an opportunity for organizations to continuously enhance their security posture, improve their penetration testing strategies, and ultimately reduce the probability and impact of a costly cyberattack.”
Key capabilities of NetSPI’s Attack Surface Management include:
- Comprehensive asset discovery: NetSPI’s Attack Surface Management technology platform leverages automated scanning and orchestration technology to map, identify, and inventory all assets and improve attack surface visibility.
- 24/7/365 continuous testing: The cloud-native, dynamic application monitors the attack surface continuously and alerts when a high-risk exposure is detected. It provides simplified and always-on attack surface visualization to view your entire external attack surface in a single platform.
- Manual exposure triaging: The NetSPI Attack Surface Management (ASM) Operations Team manually triages high-risk exposures to validate the exposure, evaluates the risk it poses to your business, supports your team with remediation advisory, and escalates worrisome exposures to our penetration testing team to investigate further.
“The current attack surface management market is reliant on technology. But to find critical exposures that put your organization at risk, human intuition is required,” said Aaron Shilts, CEO at NetSPI. “Our ASM Operations Team is rooted in 20 years of manual penetration testing expertise. We bring a human-centric, strategic approach to the market that will help security leaders get a better handle on their evolving attack surface.”
The Attack Surface Management (ASM) platform also features simple set-up, tracking and trending data over time, asset intelligence, Slack and email integrations, open source intelligence gathering, asset and exposure prioritization, port discovery, and more.