Thanks to the pandemic, several organizations are leaning toward cloud platforms and remote talent hiring. The problem is these activities are also making companies vulnerable to cyberattacks. The more digital platforms you adopt, the more attack surfaces you lay open for hackers. These ‘unmonitored blind spots’ are helping the cybercrooks to wreak havoc without much effort, claims Hacker News in one of its recent articles. The only way forward is to stay vigilant, and that can be done through attack surface management (ASM). What is it? Let’s find out.
Attack Surface Management: The Solution
ASM, or attack surface management, is one of the newest technologies that ‘either mines Internet datasets and certificate databases or emulates attackers running reconnaissance techniques,’ explains Hacker News. However, both methods make a granular search of domains, sub-domains, IP addresses, ports, etc. And then, ASM looks for any flaws in your internet-centric corporate assets’ security measures and exposure areas.
Cybercriminals can launch a social engineering attack on your webinars, public videos, virtual conferences, etc. So, ASM also includes monitoring the open-source intelligence (OSINT) platforms like social media.
Advanced attack surface management also suggests how you could close the gaps or reject redundant assets that hackers could use for ransomware or phishing attacks.
Cyber expert David Klein shared an ASM insight in his webinar ‘2021 state of cybersecurity effectiveness. He mentioned what Cymulate found numerous security loopholes after implementing attack surface management in its clients’ systems:
- Since 80 percent of systems did not have anti-spoofing or SPF email records, 58 percent of the email accounts were already hacked.
- 77 percent of the users did not have good website firewalls.
- 26 percent were with no DMARC record, and 23 percent had mismatched SSL certificates.
- 60 percent of the accounts, enterprise architecture, and management platforms were exposed to threat actors.
- 37 percent of the systems ran on Java hosted externally.
How to Implement ASM
If you consider an ASM implementation, ensure that the technology is integrated with your systems rather than a stand-alone device. Personalize your attack surface management platform based on the products you are scanning through it. For Endpoint detection and response (EDR) tools, focus more on scanning capabilities. On the other hand, for Extended Security Posture Management (XSPM), you should research how well the ASM solution simulates attackers’ techniques.
To view the original article, please visit this link: https://thehackernews.com/2022/02/how-attack-surface-management-preempts.html