Attack Surface Management

Evolve Security’s attack surface management will help you ensure your external presence is what you have designed it to be. It is a critical part of an effective security program, and exceeds standard practice, enabling you to improve your overall security, improve compliance, and reduce your potential cybersecurity and business risk.

Effective attack surface management includes several key components, which are performed by Evolve Security and your own resources.

• Discovery. Discover and identify all exposed cyber-assets – every system, service, and application that can be reached from outside of your organization. Basically, identify all potential points of attack.
• Reduce presence. Verify that exposed systems are valid systems, and that the business need is appropriate. Rearchitect your presence to remove systems that do not need to be exposed, potentially reducing the number of systems available for an attacker to target.
• Vulnerability management. Scan your exposed systems for potential vulnerabilities, then support remediation and mitigation. Validate that identified vulnerabilities have been closed.
• Baseline. Build a baseline of your approved internet presence – what systems, services, and applications have you explicitly approved, and identify the exact state of vulnerabilities and patches are in each. This is the definition of your current known attack surface.
• Monitoring. Monitor your external presence for the appearance of new systems, services, or applications. This helps ensure that as you add new functionality, you can clearly identify it and explicitly approve implementation as appropriate. This monitoring also helps identify misconfigurations, prototype systems, and new systems created by attackers to stage tools or host data to exfiltrate. Additionally, continuous scanning increases your chances to detect previously undetected vulnerabilities, new vulnerabilities are created, and new exploits are weaponized.

Using Evolve Security’s attack surface management helps you build a predictable, manageable baseline of what you look like from the outside. We use best-of-breed vulnerability scanners, penetration testing tools, and attack surface management tools, and tie them together through our Darwin Attack® portal. Our continuous monitoring helps let you know in real-time when your attack surface changes, and your risk level has changed, allowing you to take proactive remedial actions and reduce your chances of successful attack.

Baseline security services include vulnerability scanning and penetration testing. These are designed to help you manage vulnerabilities and take some proactive actions to reduce your risk by closing open vulnerabilities and other exposures.

Evolve Security’s attack surface management is a more advanced service that enables you to take a more proactive stance when managing security threats. It improves your control over what you approve as your external presence. It does this by a continuous attack surface monitoring solution that identifies changes in your exposed environment – what systems, services, applications, or vulnerabilities have changed when viewed from the outside world.

Evolve Security does not just alert you when we identify changes. We also update, real-time, information about your attack surface in our Darwin Attack® portal. Since your entire history of discovery, vulnerabilities, and remediations are tracked in Darwin Attack® as well, you get immediate access to actionable information when your attack surface changes. As a result, you always know exactly where you stand. And, as with all Evolve Security services, you can collaborate with our security professionals on remedial actions via the feed in the portal itself.

This enterprise attack surface management approach enables baseline, management, detection, notification, remediation, and validation through the same exact portal and set of services, improving your control over your environment, improving your cybersecurity, improving compliance, and reducing risks.