CompTIA CySA+ CS0-003: Attack surface management

Attack surface management is simply a cyber defense strategy that protects an organization's interconnected network of IT assets. Most security work starts with edge devices. Edge security protects edge networks and devices, which include anything located outside the data center. Edge devices are end-user assets like phones, work laptops, and IoT devices, and they are where most vulnerabilities exist. The edge is where threats are first detected and where most vulnerabilities are managed. Basic edge security includes automated monitoring and data encryption at rest and in transit.

Automated monitoring includes tracking an organization's assets and their status. This starts with asset discovery, which maps out the organization's IT infrastructure. IT asset discovery requires both active and passive discovery. Discovering assets is required not only to maximize the efficiency of asset management but to properly secure them and detect threats more quickly. It also helps you identify unauthorized devices and the impact of improperly configured assets.
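As an added example (not part of these notes), the following shows how passive and active discovery can be combined and then checked against an authorized inventory to surface unauthorized devices. The DHCP lease lines, scan results and inventory are constructed sample data; the MAC-keyed inventory format is an assumption.

```python
import re

# Constructed passive-discovery input: DHCP server lease log lines (sample data, not a real log).
DHCP_LOG = """\
DHCPACK on 10.0.5.21 to aa:bb:cc:00:00:01 (laptop-finance-01) via eth0
DHCPACK on 10.0.5.22 to aa:bb:cc:00:00:02 (phone-jdoe) via eth0
DHCPACK on 10.0.5.90 to de:ad:be:ef:00:09 (esp32-cam) via eth0
"""
# Constructed active-discovery input: hosts that answered a network scan, ip -> mac.
ACTIVE_SCAN = {"10.0.5.21": "aa:bb:cc:00:00:01", "10.0.5.40": "aa:bb:cc:00:00:40"}
# Constructed authorized inventory (hypothetical CMDB export), keyed by MAC address.
AUTHORIZED = {"aa:bb:cc:00:00:01": "laptop-finance-01", "aa:bb:cc:00:00:02": "phone-jdoe",
              "aa:bb:cc:00:00:40": "printer-floor2", "aa:bb:cc:00:00:77": "nas-backup"}
LEASE_RE = re.compile(r"DHCPACK on (\S+) to ([0-9a-f:]{17}) \((\S+)\)")


def passive_discovery(log: str) -> dict:
    """Passive discovery: learn assets by reading records the network already produces."""
    assets = {}
    for m in LEASE_RE.finditer(log):
        ip, mac, host = m.groups()
        assets[mac] = {"ip": ip, "hostname": host, "sources": {"passive"}}
    return assets


def merge_active(assets: dict, scan: dict) -> dict:
    """Active discovery: fold in scan responders; this catches static-IP hosts DHCP never sees."""
    for ip, mac in scan.items():
        entry = assets.setdefault(mac, {"ip": ip, "hostname": None, "sources": set()})
        entry["ip"] = ip  # a scan response is the freshest address observation
        entry["sources"].add("active")
    return assets


def reconcile(assets: dict, authorized: dict) -> dict:
    """Compare discovered assets with the inventory and report what needs follow-up."""
    return {
        # on the network but not in inventory: unregistered or rogue device
        "unauthorized": sorted(mac for mac in assets if mac not in authorized),
        # observed only passively: the scan could not reach it (filtered, offline, or a blind spot)
        "passive_only": sorted(m for m, a in assets.items() if a["sources"] == {"passive"}),
        # in inventory but never observed: stale record or device offline; verify either way
        "missing": sorted(mac for mac in authorized if mac not in assets),
    }


def run_discovery() -> dict:
    return reconcile(merge_active(passive_discovery(DHCP_LOG), ACTIVE_SCAN), AUTHORIZED)
```

Each of the three lists is a different follow-up: unauthorized devices need investigation, passive-only hosts indicate scan coverage gaps, and missing inventory entries need verification before the record is trusted.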

Security controls testing consists of testing all attack surfaces, including physical facilities, logical systems, and applications. Security control testing methods include interface testing, code reviews, penetration testing, vulnerability assessment, log reviews, and more. You can have a red team that emulates attackers to ensure the organization is assessed from an attacker's point of view. If there isn't enough funding or time for that, you can also run a bug bounty program, which allows ethical hackers to discover and report vulnerabilities in exchange for monetary rewards.