Attack Surface Management

Book description

Organizations are increasingly vulnerable as attack surfaces grow and cyber threats evolve. Addressing these threats is vital, making attack surface management (ASM) essential for security leaders globally. This practical book provides a comprehensive guide to help you master ASM. Cybersecurity engineers, system administrators, and network administrators will explore key components, from networks and cloud systems to human factors.

Authors Ron Eddings and MJ Kaufmann offer actionable solutions for newcomers and experts alike, using machine learning and AI techniques. ASM helps you routinely assess digital assets to gain complete insight into vulnerabilities, and potential threats. The process covers all security aspects, from daily operations and threat hunting to vulnerability management and governance.

You'll learn:

  • Fundamental ASM concepts, including their role in cybersecurity
  • How to assess and map your organization's attack surface, including digital assets and vulnerabilities
  • Strategies for identifying, classifying, and prioritizing critical assets
  • Attack surfaces types, including each one's unique security challenges
  • How to align technical vulnerabilities with business risks
  • Principles of continuous monitoring and management to maintain a robust security posture
  • Techniques for automating asset discovery, tracking, and categorization
  • Remediation strategies for addressing vulnerabilities, including patching, monitoring, isolation, and containment
  • How to integrate ASM with incident response and continuously improve cybersecurity strategies

ASM is more than a strategy—it's a defense mechanism against growing cyber threats. This guide will help you fortify your digital defense.

Publisher resources

View/Submit Errata

Table of contents

  1. Brief Table of Contents (Not Yet Final)
  2. I. Attack Surface Management Basics
  3. 1. Laying the Groundwork: An Overview of Attack Surface Management
    1. Attack Surface Management: What it is and Why it Matters?
      1. What Is Meant by Attack Surface?
      2. Attack Vectors vs. Attack Surfaces
      3. What is Attack Surface Management?
    2. The Components of ASM
      1. Identification
      2. Classification
      3. Prioritization
      4. Securing
      5. Adapting
      6. Monitoring
    3. The Strategic Role of ASM in Cybersecurity
    4. Adopting the Attacker’s Perspective
      1. Changing Your Point of View
      2. Proactive Strategy: Playing Attacker
    5. ASM Use Cases and Security Challenges
      1. Visibility Challenges
      2. Managing Risk
      3. Incident Response and Prioritization
      4. Policy Enforcement
    6. Summary
  4. 2. Types of Attack Surfaces
    1. The Ever-Expanding Organizational Attack Surface
    2. Traditional IT Components
      1. Legacy Virtualization
    3. Modern IT Components
      1. Modern Virtualization
      2. IoT
      3. Websites
      4. Certificates
    4. Cloud
      1. Cloud Providers
      2. Cloud Workloads
      3. Containers
      4. Applications
      5. Data
      6. Configuration Management
    5. SaaS
      1. SaaS Management
    6. Shadow IT
    7. Identity
      1. Users
      2. Data Access Across Platforms
      3. Identity and Access Management Challenges
    8. Supply Chain
      1. Software
      2. Applications
      3. Certificates
    9. BYOD and Mobile
    10. AI
      1. AI Models and Neural Network Architecture
      2. AI Pipelines and Infrastructure
      3. AI User Interfaces and APIs
    11. Summary
  5. 3. How the Attack Surface Relates to Risk
    1. Measuring Risk
      1. Qualitative Risk
      2. Quantitative Risk
      3. Determining the Right Fit
    2. Risk Frameworks
      1. NIST
      2. ISO
      3. ITIL
      4. COSO ERM
      5. OCTAV
    3. Communicating Risk to Your Business Team
      1. Know Your Audience
      2. Technical Jargon Confuses Business Teams
      3. How To Translate Technical Risk to Business Language
      4. Managing Excuses For Poor Communication
    4. Summary
  6. II. Identification and Classification
  7. 4. Identification and Classification of Assets
    1. Identification
      1. Asset inventory
      2. Identifying Asset Inventory Solutions
      3. Discovery of Assets
    2. Classification for Asset Enrichment
      1. What Do We Need to Know About Each Asset
      2. Integrating Asset Enrichment with Business Strategy
      3. Benefits of a Comprehensive Asset View
    3. Summary
  8. 5. Automating Asset Discovery
    1. Importance of Automating Asset Discovery
      1. Breadth of Enterprises
      2. Cloud Complications
    2. Types of Automated Asset Discovery
      1. Network Scanning
      2. Cloud Analysis
      3. API Identification
      4. Data Discovery
      5. Challenges in Automated Discovery
      6. Features that Deliver High ROI
    3. Summary
  9. III. Prioritization and Remediation
  10. 6. Prioritization and Crown Jewel Analysis
    1. Understanding Prioritization
      1. Comparisons to Other Strategic Processes
      2. Importance of Prioritization
    2. Prioritization Criteria
      1. Value To the Organization
      2. Operational Impact
      3. Data Sensitivity and Classification
    3. Obtaining Business Context
      1. Mapping Business Functions
      2. Tools and Techniques for Mapping
      3. Impact Assessment
    4. Determining Actual Prioritization
      1. Determining Crown Jewels
      2. Periodic Review and Update of Crown Jewels
      3. Identifying Other High-Value Assets
      4. Ranking Everything Else
    5. Transitioning from Asset Prioritization to Risk Management in ASM

Product information

  • Title: Attack Surface Management
  • Author(s): Ron Eddings, MJ Kaufmann
  • Release date: May 2025
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098165086