What ASM does
Attack Surface Management (ASM) goes beyond traditional vulnerability scanning. It provides a continuous discovery and assessment of all assets – cloud workloads, on-premise infrastructure, SaaS applications, and even shadow IT – that could be exploited by attackers. ASM encompasses external attack surface exploration (EASM), cloud security posture management (CSPM), and extends to internal assets often overlooked. It’s a broader discipline than simply identifying open ports; it’s about understanding the context and potential impact of each exposed element.
ASM in Australian tenants today
For AU mid-market organisations, a layered approach to ASM is increasingly common. Microsoft’s Defender for Cloud provides CSPM capabilities and workload protection, while Defender EASM focuses on external exposure. Microsoft Security Exposure Management aims to unify these capabilities. Compliance frameworks like the ACSC Essential Eight and APRA CPS 234 necessitate a comprehensive understanding of an organisation’s digital footprint, making ASM a crucial component of a robust cybersecurity posture. The Notifiable Data Breaches scheme further reinforces the need for proactive exposure management.