Cyber asset attack surface management (CAASM) or external attack surface management (EASM) solutions are designed to quantify the attack surface and minimize and harden it. The goal with CAASM tools is to give the adversary as little information about the security posture of the business as possible while still maintaining critical business services.
If you’ve ever watched a heist film, step one in executing the score of the century is casing the place: observing security measures, measuring response times, and mapping out escape routes. This process is similar to both attacking and protecting enterprise IT resources: Gain knowledge of publicly visible resources on the internet, learn what makes up the technology stack, and find vulnerabilities and weaknesses.
To read this article in full, please click here