Attack Surface Management (ASM)
What is Attack Surface Management (ASM)?
Attack Surface Management (ASM)Continuous discovery, inventory, classification, and monitoring of all assets that expose an organization to potential cyberattack.
ASM treats the attack surface as a living object: every internet-facing host, API, cloud service, SaaS tenant, code repository, and third-party connection that an attacker could target. Tools continuously enumerate these assets from external and internal vantage points, link them to owners, and flag exposures such as unpatched services, expired certificates, leaked credentials, or shadow IT. ASM bridges the gap between asset inventory, vulnerability management, and threat intelligence so risk decisions are based on what really exists today. It is essential for cloud-first, M&A-heavy, and rapidly changing environments where traditional CMDBs are perpetually out of date.
● Examples
- 01
An ASM platform that discovers a forgotten staging server exposing an admin interface to the internet.
- 02
ASM correlating a newly registered look-alike domain with an existing brand-protection workflow.
● Frequently asked questions
What is Attack Surface Management (ASM)?
Continuous discovery, inventory, classification, and monitoring of all assets that expose an organization to potential cyberattack. It belongs to the Defense & Operations category of cybersecurity.
What does Attack Surface Management (ASM) mean?
Continuous discovery, inventory, classification, and monitoring of all assets that expose an organization to potential cyberattack.
How do you defend against Attack Surface Management (ASM)?
Defences for Attack Surface Management (ASM) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Attack Surface Management (ASM)?
Common alternative names include: ASM.