RECOMMENDED: Asset Management for Cybersecurity.

#cybersecurity#assetmanagement

The foundation of ANY cybersecurity program is Asset Management or Inventory. There are 2 categories of Asset management, i.e IT Asset Management and Asset Management for Cybersecurity

There are 2 components of Asset management exists for Cybersecurity, namely;

1- Cyber Asset Attack Surface Management (CAASM).
2- External Attack Surface Management ( EASM).

While CAASM deals with internal networks asset management for cybersecurity, EASM deals with externally exposed assets ( IP addresses, Domains and Certificates) of the organization.

In summary, CAASM help with a unified inventory of all IP enabled assets in your internal networks while at the same time giving you comprehensive visibility into security gaps, i.e how many endpoints in the AD without EDR agents or scanned by vulnerability scanner.

EASM on the other hand gives visibility into assets that are hitherto unknown to the organization, their vulnerability level which is based on business risk, how easy for them to be seen and exploited by the attackers, amongst other capabilities.

Contact us here, https://www.smsam.net/about/contact/ if you’re interested in evaluating both CAASM and EASM

Some Highly Informative Resources.

1- Why Cyber Asset Attack Surface Management (CAASM) is now emerging , https://sevcosecurity.com/why-cyber-asset-attack-surface-management-caasm-is-now-emerging/  

2- Now Is The Time For External Attack Surface Management, https://www.cycognito.com/blog/external-attack-surface-management