What is Tenable Attack Surface Management?
Tenable Attack Surface Management (Formerly Tenable.asm) is an external attack surface management (EASM) solution that identifies assets and services residing on the internet which are at risk to be externally accessible by threat actors and performs multiple actions to give context around security posture.
Key Benefits:
1. Know Your Attack Surface
Leverage the largest attack surface map in the world with 5 billion internet-facing assets from over 500 data sources.
2. Gain Insight in Minutes
Establish your entire attack surface using minimal configuration in minutes.
3. Understand Business Context
Make effective and informed decision by easily categorised assets using 200 fields of metadata and comprehensive filtering
4. Monitor Changes
Obtain an up-to-date insight of your assets as your attack surface changes through
daily or bi-weekly data refreshes.
5. Easily Assess for Risk
With just a few clicks, you can launch vulnerability and web application scans of the newly discovered
assets to understand your exposures.
Key Capabilities:
1. Attack Surface Visibility
Tenable Attack Surface Management having the largest attack surface maps in the world with over 5 billion internet-facing assets from more than 500 data sources allows access to every internet-accessible asset – from name servers and web servers to IoT devices and network printers.
2. Unlimited Top-Level Domains
Tenable Attack Surface Management lets you choose as many domain names to discover and analyze. Through deeper understanding about your asset information allows you to mitigate cyber risk and prevent potential threats. More over, Tenable Attack Surface Management enables you to reveal the attack surface of current and potential competitors to identify strategic opportunities.
3. Continuous Data Refreshes
Tenable Attack Surface Managemen practices continuous updates of terabytes of data to ensure you get the latest version of your attack surface. Significantly, you can choose either bi-weekly or daily refresh rates based on your organizational needs.
4. Attack Surface Change Alerts
From more than 100 different events related to compliance, technology, exposure and more, and receive automatic updates and alerts as new and important changes occur to choose from, Tenable Attack Surface Management enables you to easily analyze changes in your attack surface with subscriptions, which include the custom lists of assets according to user-defined criteria and updated automatically.
5. Rich Asset Context and Attribution
Tenable Attack Surface Management enriches billions of internet-accessible assets with over 200 fields of metadata, for example; CMS type, TLS certificate expiration date, geo-IP physical location, and cloud or CDN provider. This enrichment enables you to make more informed decisions as well as understand potential exposures related to technology fingerprinting, port scanning, and more. With this feature, you can immediately refresh asset details and view asset history to view changes.
6. Suggested Domains
Tenable Attack Surface Management identifies domain names related to assets in your inventory and provide suggested domains with details reason of why those domain may belongs to you. This feature helps you discover unknown domain names that you own.
7. Asset Management
Tenable Attack Surface Management allows you to easily sort and manage assets according to filters, tags, data types and much more. Simply select and save filters to let you view which assets that matter to you. Additionally, you can also apply tags based on asset information to streamline asset management.
8. Well Documented API
Tenable Attack Surface Management let you create your own customized integrations through complete use of a fully documented RESTful API to support your security systems and workflows.
9. Full Integration into Tenable Solutions
Tenable Attack Surface Management is fully integrated into Tenable Vulnerability Management (formerly Tenable.io) , Tenable security center (Formerly Tenable.sc) and Tenable Web Application Scanning. This allows you to so rapidly take action on newly discovered internet-facing assets. Launch vulnerability and web application scans with just a few clicks to eliminate any blind spots. Integration of Tenable Attack Surface Management with Tenable solutions provides you with unified visibility into attack surface asset and exposure data as well gives critical context of potential attack paths from external systems to critical assets.
E-SPIN Group had conducted a webinar session to provide customers with better understanding on Tenable Attack Surface Management Solution. Watch our video presentation on the topic ‘Tenable Attack Surface Management (formerly Tenable.asm) Product Overview’ as below.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.
This post was first published in 2023-Aug-23, updated 2023-May-19.