High-Fidelity Attack Surface Mapping
Eliminate blind spots and hinder attackers using these three tips to create a high-fidelity map of your organization’s entire attack surface.
“High-fidelity” is the replication of an effect, such as an image or sound, where the result is almost indistinguishable from the original. Similarly, in information security, recreating a clear picture of your attack surface is critical. Breaches happen when adversaries know more about your attack surface than you do. These days, you simply cannot afford to have a low-fidelity map of your attack surface. Clarity and precision keep you ahead of the bad guys. This is why Tenable introduced “high-fidelity” attack surface mapping.
Security tools and processes, particularly within vulnerability management and penetration testing, perform some attack surface mapping. However, the quality of the result varies and often leaves glaring blind spots. Some tools focus on identifying as many assets as possible across an enterprise but only go an inch deep in understanding each asset. The tools miss listening services, software distribution and versions, system configuration and so on. Other tools focus on going deep into each asset but miss assets located in the cloud, third-party hosted, forgotten legacy systems, test/development, across disparate business units, etc. Therefore, because it’s not a core competency in their toolset, very few organizations have an up-to-date attack surface map.
To get a high-fidelity picture of your organization’s attack surface, you need three things:
- Horizontal coverage. Cast a wide net, polling the entire internet for every asset an organization owns. An asset, as defined by hostname/IP-address, includes those located across domain names, brands, hosting providers, etc. Assets may be hosted on-premise, in the cloud, third-party applications, labeled under subsidiaries & sub-brands, physically located across geographically distributed data centers and connected through non-contiguous IP ranges.
- Vertical coverage. It’s important to have a deep understanding of each asset that you own. From security posture to technology stack to geolocation, every asset detail matters. This includes listening services (i.e., open ports), installed software and versions, access service networks (ASN) and transport layer security (TLS) certificate information. Various fingerprinting techniques may reveal the usage of authentication, CAPTCHAs, content security policies (CSP), HTTP strict transport security (HSTS), load balancers, web application firewalls, programming languages, web widgets, content delivery networks and much more.
- Frequent coverage. New domain names may be registered at any time, often for new product launches, marketing promotions, or even domain squatting. Internet-connected assets may be deployed and decommissioned hour by hour or day by day. New ports/services may be opened and closed with even faster frequency. In addition, the software running on each surface may be frequently updated as well. Frequent and automated reanalysis of horizontal and vertical coverage is absolutely necessary for an up-to-date attack surface map.
Visit the Tenable.asm product page to learn more about attack surface management.
Related Articles
How To Do a Security Audit of Pimcore Enterprise Platform
July 22, 2024Our new research paper gives you a roadmap for using Pimcore's features while preserving security.
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
May 23, 2024Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
Visibility of the Unknown: Understanding EASM and How It Can Help
January 3, 2023External attack surface management (EASM) is difficult and oftentimes confusing, especially in a world of poor inventory controls and a growing attack surface. This blog discusses what's required to do EASM successfully.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Asset Management
- Attack Surface Management