Innovations in Attack Surface Management: Gartner Report 2022

Managing modern IT systems has become increasingly complex as attack surfaces keep expanding. In this report, researchers at Gartner look at how organizations can use new technologies to streamline Cyber Asset Attack Surface Management (CAASM).

According to Gartner, “Most organizations lack the capabilities required to validate control coverage and quantify digital and Cyber risks effectively.”

Highlights from the Gartner Report

Below are a few of our key learnings from the report:

• Security and risk management leaders should invest in understanding the continuous expansion of their attack surfaces. Preliminary efforts should focus on attack surface visibility and matching Attack Surface Management (ASM) capabilities with their use cases.
• Cyber Asset Attack Surface Management (CAASM) helps organizations maintain complete visibility over all internal and external assets using API integrations with existing tools. External attack surface managment (EASM) and other data sources feed into CAASM, Gartner says. CAASM then combines and records the data for increased visibility.
• Gartner predicts that “by 2026, 20% of companies will have more than 95% visibility of all their assets, which will be prioritized by risk and control coverage by implementing cyber asset attack surface management.”

Benefits of ASM Technologies

• Improved asset visibility leads to a better security posture.
• Deployment and configuration of security controls becomes more effective through a better understanding of attack pathways.
• Accurate and comprehensive security intelligence leads to quicker audit compliance reporting.