Imagine you just received information that an intercontinental ballistic missile is three minutes out, and you’re at the grocery store…What do you do? The honest truth is that if all you know is there is a problem, the barriers to action can be immense. This is the problem with most attack surface management (ASM) products today.
Our infrastructures used to be restricted to known internet protocol (IP) space, which made it “easy” to point vulnerability scanners at this known attack surface and monitor for exposures and vulnerabilities. The challenges of digital transformation and cloud adoption have made it less obvious where the boundaries of your infrastructure lie, which is the problem many ASM products are trying to solve – identifying problems and discovering unknown assets. Unfortunately, this is where most of these products then leave you off on your own to figure out how to fix these issues they so helpfully identified.
Earlier, I had “easy” in quotes when talking about vulnerability management, because as simple as it may seem, getting systems patched in a timely fashion is one of the enduring challenges in cybersecurity. One reference point for this that stands out from my years as an analyst was the Wannacry attack. Microsoft had released a patch for the world-ending vulnerabilities Wannacry had targeted two months earlier, and yet many organizations were unable to get the patch deployed.
Vulnerability management doesn’t even begin to scratch the surface of this problem, however, because a primary use case for ASM is to identify unknown infrastructure. Once you know about an exposure or vulnerability that’s been introduced into your attack surface, it often becomes a race to answer questions such as:
Meanwhile, you may find yourself back at the imaginary grocery store, staring at the frozen orange juice and waiting for people to reply to emails so you can start to figure out what to do.
Maybe you’re standing in the candy aisle, eating something you’re never going to have to pay for, thinking about how things could have been different. We have been too. Here’s how:
These are just a few ways Palo Alto Networks has improved our Cortex Xpanse product with Active ASM to enable you, our customer. For more information on this and other exciting content, register for Cortex Symphony 2023 here.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.