Schedule a Demo

On February 22, 2022, Travis Hoyt was featured in a VentureBeat article titled, Pentesting Firm NetSPI Expands Into Attack Surface Management. Preview the article below, or read the full article online here.

+ + +

Exposure of internet-facing enterprise assets and systems can bring major risks for security. And yet in many cases, enterprises aren’t even aware of all the internet-facing assets they have — which of course makes it impossible to go about securing those assets and systems.

As digital transformation continues turning all enterprises into internet companies, to one degree or another, this problem of exposed assets and systems is growing fast. And that has led to the emergence of a new category of security technology: External attack surface management, or EASM.

The technology — sometimes referred to simply as attack surface management, or ASM — focuses on identifying all of an enterprise’s internet-facing assets, assessing for vulnerabilities and then remediating or mitigating any vulnerabilities that are uncovered.

A separate discipline within security is penetration testing, or pentesting, in which a professional with hacking expertise performs a simulated attack and tries to breach a system, as a way to uncover vulnerabilities that need to be addressed.

Today, enterprise pentesting firm NetSPI announced that it’s bringing the two worlds together, with the debut of its new attack surface management offering. The solution integrates the company’s pentesting experts into the attack surface management process, as a way to improve the triage and remediation of risky exposures, said Travis Hoyt, CTO at NetSPI.

“EASM does not typically include manual pentesting — at least not in the way NetSPI incorporates it into our new offering,” Hoyt in an email to VentureBeat.

However, “both are necessary to truly accomplish a holistic, proactive security program,” he said. “In today’s threat environment, conducting a pentest once a year is no longer effective given the rate at which the attack surface is changing. EASM ensures that corporate networks have constant coverage and attack surface visibility.”

Continue reading Pentesting Firm NetSPI Expands Into Attack Surface Management on VentureBeat (reporting by: Kyle Alspach).

Explore More News

NetSPI in the News | August 27, 2025

SC Media: Compromised at the Core: Why Identity Remains Cyber’s Biggest Flaw

Nick Walker, Regional Director, EMEA at NetSPI, in an article published in SC Magazine, warns that identity compromise, not exotic malware, remains the most dangerous weakness in enterprise cybersecurity.

Learn More
NetSPI in the News | August 18, 2025

Tech Monitor: Why foundational defences against ransomware matter more than the AI threat

Ben Lister, head of threat research at NetSPI, in an article published on Tech Monitor, makes the case that companies should focus on getting the basics of cybersecurity right, rather than worrying about hypothetical AI-driven ransomware threats.

Learn More
NetSPI in the News | August 4, 2025

Pioneer Press: What to know from cyberattacks in other U.S. cities

NetSPI CEO Aaron Shilts was featured in the Pioneer Press discussing why state and local governments are prime targets for ransomware attacks.

Learn More