image

What is External Attack Surface Management (EASM) ?​

External Attack Surface Management (EASM) ​is a new emerging concept which provides a way to continuously discover, fingerprint and assess all ​your internet exposed (external facing) assets that may leads to compromise or leak if misconfigured, unmanaged or unpatched.​​

When it is not done continuously, External Attack Surface Management (EASM) can sometimes be called: RECON, fingerprinting or digital footprint.​

We do not sell EASM independently but we use it as a first step for our PTaaS.

image

Why doing External Attack Surface Management (EASM) ?​

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu, The Art of War ​

Every day:

  • 4 critical vulnerabilities are being referenced.​
  • 30,000 websites are hacked worldwide​
  • 2,200 companies are hacked worldwide

​Do you have an exhaustive continuously updated repository of all your internet exposed assets hosting data and bearing your brand ?

External Attack Surface Management (EASM) brings you a continuously updated view of your internet exposed (external facing) and the associated cybersecurity risks.​

image

Patrowl’s External Attack Surface Management (EASM) ​

With Patrowl’s EASM you can confirm the ownership of your asset and discover unmanaged assets, Shadow IT, Phishing website mimicking your corporate visual identity, Counterfeiting e-market…

It allows you to:​

  • Monitor continuously any change on your external-facing assets​
  • Continuously discover and map your external-facing assets including Shadow IT, phishing websites being prepared and counterfeit​
  • Analyze continuously the assets attributes like exposed services, components versions… to evaluate the risk depending on the news, asset criticality and threat​
  • Prioritize and remediate (please see PTaaS​)
image

How it differs from existing ?

There is no actual solution that allows you to go as far as Patrowl’s External Attack Surface Management (EASM): not limited by the scope and continuously.​

Traditionally, external-facing assets fingerprint or External Attack Surface Analysis are done once a year, unable to follow your business creativity and unpredictability.​

image

What kind of components can EASM discover ?

External Attack Surface Management (EASM) can help you to discover many components forgotten, orphaned, unmanaged, unpatched… exposing data and brand:

  • Web sites
  • Web services and API
  • Remote Access and VPN
  • File share
  • File storage
  • SaaS applications used for project management, test, trial, temporary promotional operation…
  • Source code repository (leaked credentials, exposed secrets or data)
image

What kind of assets can Patrowl work with ?

Patrowl do External Attack Surface Management (EASM) based on several type of assets:

  • IP addresses
  • IP subnet
  • Autonomous System
  • DNS Zone
  • Domain name
  • Second level domain name
  • All type of DNS records (MX, SPF, DMARC, NS…)
  • FQDN
  • URL
  • Public cloud tenant / account
  • Email addresses
  • Key words (company name, trademark, product name, chemical formula…)

Click and Drag