DIY attack surface management: Simple, cost-effective and actionable perimeter insights

2023-10-16 08:35

Modern-day attack surface management can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers.

For these reasons, attack surface management tooling must be extremely scalable and fast, balancing acceptable levels of accuracy loss to lower the overall time to find assets and detect ephemeral risks.

How many domains does my organization control? How many subdomains does my organization have? How many network ranges does my organization have? Which cloud providers are assets distributed across? Of the discovered assets, how many have active DNS records? Of the discovered assets, how many have an open port / targetable service? How many of these assets are already in our asset register?

Organizations can quickly gain insights into various parts of their attack surface using standalone command line tools that allow for easy, repeatable, and scalable workflows that can help identify perimeter changes.

Identify assets across your organization with active DNS records: Using open-source tooling such as dnsx from Project Discovery or zdns from The ZMap Project can allow you to gain insights into assets with current DNS records across various query types.

Often, gathering a large corpus of data related to your organization is only a starting point, and is something that can be matured and improved over time with additional enrichment, organizational context, and insights.

News URL

https://www.helpnetsecurity.com/2023/10/16/diy-attack-surface-management-asm/

#attack #insight #management