Attack Surface Management
Complete visibility.
Continuous monitoring.
Risk prioritization.
Find & Secure Your Security Blind Spots
Identify security blind spots and map all assets discovered in your global IT ecosystems. Our platform continuously evaluates information in real-time as new assets are deployed, decommissioned or as a system changes.
The platform leverages both vulnerability data and business context to prioritize risk – this way developers can fix critical exposures first.
See Your Attack Surface Just Like an Attacker
The Edgescan platform uncovers all attack vectors that can be used to breach your most critical assets, including data exposures and misconfigurations.
It uncovers all attack vectors that can be used to breach your most critical assets, including data exposures and misconfigurations.
You can't secure what you can't see...
Attack Surface Management (ASM) provides you the ability to see all services exposed to the public internet across your global estate.
As new systems are deployed, decommissioned or a system changes, ASM can inform you of the event. This is delivered in real-time and on a continuous basis.
The challenge is to keep pace with change, as change may introduce risk.
Manage and Reduce Your Risk
Complete Visibility. Continuous Monitoring. Risk Prioritization.
Complete visibility across your digital footprint
The platform Intelligently probes and identifies all networking devices, internet-facing devices, platforms, operating systems, databases, and web applications. It finds unknown assets systems across the entire internet, identifies security blind spots from discovered assets, discovers APIs, enumerates shadow IT and automates the analysis of changes across the entire IT ecosystem.
Map & inventory DNS/internet records
Discover existing records related to your deployed systems, servers, websites, API’s and applications.
Discover and inventory subdomains – Find related or obfuscated records that may direct an attacker to your internet footprint.
Unlimited and on demand investigations
Run proactive and continuous investigation at the pace your organization requires.
The platform also provides complete visibility and the flexibility for organizations to modify their change and deployment models whenever needed.
Set up custom alerts and get notified for discoveries then track and inventory exposures. Receive notifications as events happen, when new systems are deployed, decommissioned or a system changes, such as:
– Exposed services
– Outdated software
– Rogue deployments
– Unknown APIs
– IoT detection
– Applications / DNS
Key Features of Attack Surface Management
Discovery Engine
The Edgescan discovery engine asynchronously scans across an organizations entire IT ecosystem. We continuously search for and intelligently evaluate, networking devices, platforms, operating systems, databases and applications.
Attack Surface Mapping
Edgescan ASM maps and indexes your attack surface to determine which ports and services are present. This helps you detect exposed ports, vulnerable services and even misconfigured firewalls or ACLs.
Customizable Scan Profiling
Organizations can specify which services and systems are the highest priority and highest risk.
Service Detection
Discovery of exposed services based on response fingerprints and identifiers. This aids in the discovery of exposed old or deprecated systems and coupled with continuous vulnerability management, is very effective in reducing exposure windows.
On-Demand Live Retests
As you address exposures, you can trigger on-demand probing to ensure the issue has been fixed.
Historical Host Information
Detailed history of past host discovery data, can assist with incident reporting and root cause analysis.
Detection
Detection of misconfigured ACL’s or Firewall rules that could lead to service exposures and weaknesses.
Alerting
Customizable alerting by email, SMS or webhook. Automatic notification of any potential exposures in real time.
API Discovery
Continuous API detection to ensure you know which of your API’s are exposed to the internet. This can help detect rogue, legacy or forgotten deployments and assets.
Integrations
Integrate into native cloud services. Ensure your entire cloud attack surface is under management as it evolves with native cloud service integrations (Amazon Web Services, Azure, Google).
Multi-Region ASM
Assess your landscape from any region across the globe and detect exposures based on source traffic geolocation.