By establishing visibility of the attack surface and implementing management processes to prioritize, validate, and mobilize responses, security teams can reduce exposures exploited by malicious threat actors.
In this post, we’ll delve intoprocess of discovering assets. We cannot secure what we cannot see so getting this piece right is foundational to the success of your ASM program. This blog will explore four different methods of asset discovery starting with the most basic, deployed software agents.
In part one of this blog series, we looked at some of the core challenges that are driving the demand for a new approach to Attack Surface Management. In this second blog I explore some of the key technology approaches to ASM and also some of the core asset types we need to understand.
Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view.
This week, Rapid7 was recognized as a Contender in Forrester’s 2024 Attack Surface Management (ASM) Wave report.
In this series, we will explore the critical challenges and solutions associated with Attack Surface Management (ASM), a vital aspect of modern cybersecurity strategy.
In this new report, Rapid7 analyzes Japan’s threat landscape and some of the largest cyber concerns affecting Japanese organizations.
CAASM is intended to be an authoritative source of asset information complete with ownership, network, and business context for IT and security teams.
The OWASP Top 10 API Security Risks is a list of the highest priority API based threats in 2023. In this blog, we detail each item on the list.
In this webcast, Cindy Stanton highlights where the industry started from traditional vulnerability management which focused on infrastructure but evolved significantly over the last couple of years.
Leverage InsightIDR, Threat Command, and InsightConnect to unlock a complete view of your attack surface with unmatched signal to noise.
APIs have become a large part of the application attack surface, making API security a critical consideration.
Here’s the specific attack surface area and a few of the exploit chains we’re keeping our eye on right now.
This is the third and final installment in our 2021 series around attack surface analysis. In this installment I’ll detail the final 2 analysis techniques—red and purple teaming.
In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks.