All Articles

Evolving Perspectives: The Future of Attack Surface Management By Chris Ray And Bikash Barai

Posted by Priya R on April 26, 2024 at 7:59pm in Blog

Evolving%20Perspectives%20The%20Future%20of%20Attack%20Surface%20Management.png?profile=RESIZE_710x

 

In the dynamic realm of cybersecurity, the concept of Attack Surface Management (ASM) continues to undergo evolution and refinement. As organizations grapple with the challenges of securing their digital assets, questions arise regarding the maturity of ASM programs and their adaptability to emerging threats. In this blog, we explore the shifting landscape of ASM and its potential trajectory towards internal attack surface management, alongside considerations of deception technology and the unknown unknowns that challenge traditional security paradigms.

 

 

Here is the verbatim discussion:

That you may miss out something right which defeats the purpose of the unknown unknown so uh yes I absolutely agree that's going to happen but operationally it's going to be more difficult uh there's a second question which is do you think the use of deception technology is a sign of maturity of an ASM program um so I I I don't because ASM is discovering what's already out there uh you know for the most part and I love deception technology don't get me wrong that's one of the topics that I've I've written at length about for a few years uh I think it's provides tremendous value it's easy to deploy uh and it's it's simple and intuitive but I don't see it sure you want to pick one yes um so is the field of ASM eventually moving into internal attack surface management so uh I'll try and do this quickly the the answer is I see yes um maybe not as quickly as we would like and it may not look like a tax surface management that we know today uh but much in the same way that EDR was revolutionary for endpoint detection or endpoint security and they said fendors said hey EDR work great for our endpoints I wish we could do that on our Cloud on our identity on our Network so EDR has evolved into xdr the extended detection and response uh I see a similar story for ASM or easm if if the vendor only doing external attack surface management hey this is great this is wonderful it's done all sorts of
 
 

Chris Ray, a seasoned professional in the cybersecurity field, brings a wealth of experience from small teams to large financial institutions, as well as industries such as healthcare, financials, and tech. He has acquired an extensive amount of experience advising and consulting with security vendors, helping them find product-market fit as well as deliver cyber security services.

Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.

Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to
the cloud.

https://twitter.com/bikashbarai1

https://www.linkedin.com/in/bikashbarai/

Views: 15
Tags: asm, attack surface management, bikash barai, chris ray
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

RSAC Meetup Banner

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)