N°1 OFFENSIVE SECURITY AS A SERVICE

External Attack Surface Management (EASM)

Identify your web-exposed assets to better focus on remediation by continuously monitoring for vulnerabilities, misconfigurations, and unauthorized changes, ensuring a proactive approach to security.


What is External Attack Surface Management (EASM)?

External Attack Surface Management (EASM) is an emerging concept that continuously discovers, identifies, and assesses all internet-facing assets that may be compromised or subject to leaks if misconfigured, unmanaged, or unpatched.

By focusing on external-facing assets, EASM provides actionable threat intelligence to prevent internal attack vectors and strengthen your risk management strategy.

When it is not done continuously, External Attack Surface Management (EASM) is sometimes called recon, fingerprinting or digital footprinting.

We do not sell EASM independently but we use it as a first step for our PTaaS.

Why use External Attack Surface Management (EASM)?

EASM provides a continuously updated view of your external assets exposed to the internet and the associated security risks. By continuously monitoring these digital assets, security teams can assess and prioritize risks, addressing potential threats before they can be exploited. This helps you proactively manage your risk management processes.

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu, The Art of War

Patrowl EASM use cases

External Attack Surface Management tool & platform (EASM)

With Patrowl's EASM, you can confirm ownership of your cyber assets and discover unmanaged assets, Shadow IT, phishing websites imitating your company's visual identity, counterfeits on marketplaces...

Monitor all changes to your internet-facing assets in real time to ensure security and integrity at all times.

Discover and map your external-facing assets, including Shadow IT, phishing websites being prepared and counterfeits.

Analyze the assets' attributes continuously (exposed services, component versions…) to evaluate the risk depending on the news, asset criticality and threats.

Prioritize and remediate the most critical vulnerabilities detected, allowing you to focus on risk management and reduce potential damage.

How does Patrowl's EASM differ from other solutions?

There is actually no solution that allows you to go as far as Patrowl’s External Attack Surface Management (EASM).

Traditionally, fingerprinting of external-facing assets or external attack surface analysis is done once a year, which cannot keep up with both your business creativity and its unpredictability.

What kind of assets can Patrowl work with?

Patrowl does External Attack Surface Management (EASM) based on several types of assets:

  • IP addresses / IP subnet

  • Autonomous System

  • DNS Zone / Domain name

  • Second level domain name

  • All types of DNS records (MX, SPF, DMARC, NS…)

  • FQDN / URL

  • Public cloud tenant / account / Email addresses

  • Keywords (company name, trademark, product name, chemical formula…)

Your most frequently asked questions about EASM:

What types of components can EASM uncover?

External Attack Surface Management (EASM) can help you uncover many forgotten, abandoned, unmanaged or unpatched components that expose your data and your brand:

  • Websites

  • Web services and APIs

  • Remote access and VPN

  • File sharing

  • File storage

  • SaaS applications used for project management, testing, temporary promotions, etc.

  • Source code repository (leakage of credentials, secrets or exposed data)

What's the difference between EASM, CAASM and DRPS?

EASM (External Attack Surface Management) focuses on external assets exposed to the internet to detect security risks.

CAASM (Cyber Asset Attack Surface Management) provides a unified view of both internal and external assets, mapping connections and assessing vulnerabilities in real time.

DRPS (Digital Risk Protection Services) protects against external digital threats, including data leaks, phishing, and brand impersonation, monitoring sources like the dark web.

What is Cyber Attack Surface Management (ASM)?

Cyber Attack Surface Management (CASM) identifies, monitors, and reduces potential entry points that an attacker could exploit within a computer network. This includes asset inventory, connection mapping, vulnerability assessment, continuously monitoring for changes, and prioritizing risks to proactively manage security measures and reduce exposure to cyber threats.

How does CAASM work?

Cyber Asset Attack Surface Management (CAASM) identifies and inventories all IT assets, maps connections, and assesses vulnerabilities, while continuously monitoring for potential threats in real-time. It helps security teams prioritize risks based on criticality and provides actionable recommendations for mitigation. CAASM integrates well with your broader risk management processes.