What is Tenable.asm?
Tenable.asm is an external attack surface management (EASM) solution that identifies assets and services residing on the internet which are at risk to be externally accessible by threat actors and performs multiple actions to give context around security posture.
1. Know Your Attack Surface
Leverage the largest attack surface map in the world with 5 billion internet-facing assets from over 500 data sources.
2. Gain Insight in Minutes
Establish your entire attack surface using minimal configuration in minutes.
3. Understand Business Context
Make effective and informed decision by easily categorised assets using 200 fields of metadata and comprehensive filtering
4. Monitor Changes
Obtain an up-to-date insight of your assets as your attack surface changes through
daily or bi-weekly data refreshes.
5. Easily Assess for Risk
With just a few clicks, you can launch vulnerability and web application scans of the newly discovered
assets to understand your exposures.
1. Attack Surface Visibility
Tenable.asm having the largest attack surface maps in the world with over 5 billion internet-facing assets from more than 500 data sources allows access to every internet-accessible asset – from name servers and web servers to IoT devices and network printers.
2. Unlimited Top-Level Domains
Tenable.asm lets you choose as many domain names to discover and analyze. Through deeper understanding about your asset information allows you to mitigate cyber risk and prevent potential threats. More over, Tenable.asm enables you to reveal the attack surface of current and potential competitors to identify strategic opportunities.
3. Continuous Data Refreshes
Tenable.asm practices continuous updates of terabytes of data to ensure you get the latest version of your attack surface. Significantly, you can choose either bi-weekly or daily refresh rates based on your organizational needs.
4. Attack Surface Change Alerts
From more than 100 different events related to compliance, technology, exposure and more, and receive automatic updates and alerts as new and important changes occur to choose from, Tenable.asm enables you to easily analyze changes in your attack surface with subscriptions, which include the custom lists of assets according to user-defined criteria and updated automatically.
5. Rich Asset Context and Attribution
Tenable.asm enriches billions of internet-accessible assets with over 200 fields of metadata, for example; CMS type, TLS certificate expiration date, geo-IP physical location, and cloud or CDN provider. This enrichment enables you to make more informed decisions as well as understand potential exposures related to technology fingerprinting, port
scanning, and more. With this feature, you can immediately refresh asset details and view asset history to view changes.
6. Suggested Domains
Tenable.asm identifies domain names related to assets in your inventory and provide suggested domains with details reason of why those domain may belongs to you. This feature helps you discover unknown domain names that you own.
7. Asset Management
Tenable.asm allows you to easily sort and manage assets according to filters, tags, data types and much more. Simply select and save filters to let you view which assets that matter to you. Additionally, you can also apply tags based on asset information to streamline asset management.
8. Well Documented API
Tenable.asm let you create your own customized integrations through complete use of a fully documented RESTful API to support your security systems and workflows.
9. Full Integration into Tenable Solutions
Tenable.asm is fully integrated into Tenable.io Vulnerability Management, Tenable.sc, Tenable.sc+, Tenable.ep and Tenable.io Web Application Scanning. This allows you to so rapidly take action on newly discovered internet-facing assets. Launch vulnerability and web application scans with just a few clicks to eliminate any blind spots. Integration of Tenable.asm with tenable solutions provides you with unified visibility into attack surface asset and exposure data as well gives critical context of potential attack paths from external systems to critical assets.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.