SecurityWeek: Cyber Insights 2023 | Attack Surface Management
On January 31, NetSPI Managing Director Chad Peterson was featured in the SecurityWeek article called Cyber Insights 2023 | Attack Surface Management. Read the preview below or view it online.
+++
SecurityWeek Cyber Insights 2023 | Attack Surface Management – Attack surface management (ASM) is an approach for delivering cybersecurity. IBM describes the attack surface as “the sum of vulnerabilities, pathways or methods – sometimes called attack vectors – that hackers can use to gain unauthorized access to the network or sensitive data, or to carry out a cyberattack.”
ASM requires “the continuous discovery, analysis, remediation and monitoring of the cybersecurity vulnerabilities and potential attack vectors that make up an organization’s attack surface. Unlike other cybersecurity disciplines, ASM is conducted entirely from a hacker’s perspective, rather than the perspective of the defender. It identifies targets and assesses risks based on the opportunities they present to a malicious attacker.”
ASM is consequently predicated on total visibility of assets, vulnerabilities, and exploits.
Management is the key word in ASM
The complexity of the modern infrastructure makes the complete elimination of threats an impossible task. ASM is not about the elimination of all threats, but the reduction of threat to an acceptable level. It’s a question of risk management.
Chad Peterson, MD at NetSPI, believes the nature and effectiveness of pentesting will evolve over 2023, “The attack surface has become more fluid, so you have to be able to scan for new assets and entry points continuously,” he says. “In 2023, organizations will combine traditional pentesting, which in many cases will still be required for regulatory needs, with the proactive approach of more continuous assessment of their attack surface. The result will be better awareness of the attack surface and more comprehensive traditional pentesting as there is more information about the true attack surface.”
Read the full article at SecurityWeek!
Explore More News
NetSPI Recognized in the 2026 GigaOm Radar Report for Attack Surface Management (ASM)
NetSPI Recognized in the 2026 GigaOm Radar Report for Attack Surface Management (ASM) Minneapolis, MN – March 4, 2026 – NetSPI®, the global leader in modern penetration testing, today announced it has been recognized in the 2026 GigaOm Radar Report for Attack Surface Management (ASM). GigaOm analysts Chris Ray and Whit Walters’ forward-looking report evaluates 32 ASM solutions based on their feature capabilities and nonfunctional requirements that factor into purchase decisions and determine a solution’s material impact on an organization. The recognition validates NetSPI’s continued momentum and fierce investment in platform […]
VM Blog: Five Security Shifts that Will Define 2026
Joe Evangelisto outlines several critical shifts demanding executive attention. As organizations move from open AI experimentation to governed application, leaders must implement safeguards to manage data exposure and ensure system integrity.
DataCenter Knowledge: Defending at Scale – The Importance of People in Data Center Security
As the demand for AI, cloud computing, and digital infrastructure drives rapid data center expansion, the importance of robust security measures has never been greater. In a recent conversation, Dalin highlights why human factors remain central to effective data center security, even in an era of advanced technology.