Tenable Blog

High-Fidelity Attack Surface Mapping

Eliminate blind spots and hinder attackers using these three tips to create a high-fidelity map of your organization’s entire attack surface.

“High-fidelity” is the replication of an effect, such as an image or sound, where the result is almost indistinguishable from the original. Similarly, in information security, recreating a clear picture of your attack surface is critical. Breaches happen when adversaries know more about your attack surface than you do. These days, you simply cannot afford to have a low-fidelity map of your attack surface. Clarity and precision keep you ahead of the bad guys. This is why Tenable introduced “high-fidelity” attack surface mapping.

Security tools and processes, particularly within vulnerability management and penetration testing, perform some attack surface mapping. However, the quality of the result varies and often leaves glaring blind spots. Some tools focus on identifying as many assets as possible across an enterprise but only go an inch deep in understanding each asset: they miss listening services, software distribution and versions, system configuration and so on. Other tools focus on going deep into each asset but miss assets located in the cloud, hosted by third parties, forgotten legacy systems, test/development environments, systems spread across disparate business units, etc. Because attack surface mapping is not a core competency of any of these tools, very few organizations have an up-to-date attack surface map.

To get a high-fidelity picture of your organization’s attack surface, you need three things:

  1. Horizontal coverage. Cast a wide net, polling the entire internet for every asset an organization owns. An asset, as defined by hostname/IP address, includes those located across domain names, brands, hosting providers, etc. Assets may be hosted on-premises, in the cloud or in third-party applications, labeled under subsidiaries and sub-brands, physically located across geographically distributed data centers and connected through non-contiguous IP ranges.
  2. Vertical coverage. It’s important to have a deep understanding of each asset that you own. From security posture to technology stack to geolocation, every asset detail matters. This includes listening services (i.e., open ports), installed software and versions, autonomous system numbers (ASN) and transport layer security (TLS) certificate information. Various fingerprinting techniques may reveal the usage of authentication, CAPTCHAs, content security policies (CSP), HTTP strict transport security (HSTS), load balancers, web application firewalls, programming languages, web widgets, content delivery networks and much more.
  3. Frequent coverage. New domain names may be registered at any time, often for new product launches, marketing promotions, or even domain squatting. Internet-connected assets may be deployed and decommissioned hour by hour or day by day. New ports/services may be opened and closed with even faster frequency. In addition, the software running on each asset may be updated frequently as well. Frequent and automated reanalysis of horizontal and vertical coverage is absolutely necessary for an up-to-date attack surface map.
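The three coverage dimensions above translate naturally into a small defender-side workflow: keep a snapshot of your own assets (horizontal), record what each one exposes (vertical), and diff consecutive snapshots to catch drift (frequent). The following is an added example, not Tenable code or part of the original post; the snapshot format, the `fingerprint` and `diff_snapshots` helpers, and the hosts and dates in the sample data are all constructed for illustration, and no network scanning is performed.

```python
"""Diff two snapshots of an organization's own attack surface.

Added example, not Tenable code. The snapshot layout (hostname -> details),
the sample hosts under example.com and the dates are constructed.
"""
from datetime import date
from typing import Dict

# Constructed snapshot format: hostname -> asset details gathered by a
# horizontal scan (which hosts exist) plus a vertical scan (what they expose).
Snapshot = Dict[str, dict]

YESTERDAY: Snapshot = {
    "www.example.com": {
        "ip": "203.0.113.10",
        "ports": {80, 443},
        "tls_not_after": "2025-01-15",
        "headers": {
            "Server": "nginx",
            "Strict-Transport-Security": "max-age=31536000",
            "Content-Security-Policy": "default-src 'self'",
        },
    },
    "legacy.example.com": {
        "ip": "203.0.113.11",
        "ports": {22, 80},
        "tls_not_after": None,
        "headers": {"Server": "Apache/2.2.15", "X-Powered-By": "PHP/5.3.3"},
    },
}

TODAY: Snapshot = {
    "www.example.com": {
        "ip": "203.0.113.10",
        "ports": {80, 443, 8443},  # a new listening service appeared overnight
        "tls_not_after": "2025-01-15",
        "headers": YESTERDAY["www.example.com"]["headers"],
    },
    "shop-promo.example.com": {  # newly registered marketing host
        "ip": "198.51.100.7",
        "ports": {443},
        "tls_not_after": "2024-12-01",
        "headers": {"Server": "cloudflare"},
    },
    # legacy.example.com no longer answers: decommissioned, or just invisible now
}


def fingerprint(asset: dict) -> dict:
    """Vertical coverage: summarise what an asset's HTTP headers reveal."""
    h = {k.lower(): v for k, v in asset["headers"].items()}
    return {
        "hsts": "strict-transport-security" in h,
        "csp": "content-security-policy" in h,
        "server": h.get("server", "unknown"),
        "powered_by": h.get("x-powered-by"),
    }


def diff_snapshots(old: Snapshot, new: Snapshot, today: date,
                   expiry_days: int = 30) -> dict:
    """Frequent coverage: report what changed between two scan runs."""
    old_hosts, new_hosts = set(old), set(new)
    report = {
        "new_assets": sorted(new_hosts - old_hosts),
        "missing_assets": sorted(old_hosts - new_hosts),
        "ports_opened": {},
        "ports_closed": {},
        "expiring_certs": [],
        "missing_headers": {},
    }
    # Port drift on hosts present in both snapshots.
    for host in old_hosts & new_hosts:
        opened = new[host]["ports"] - old[host]["ports"]
        closed = old[host]["ports"] - new[host]["ports"]
        if opened:
            report["ports_opened"][host] = sorted(opened)
        if closed:
            report["ports_closed"][host] = sorted(closed)
    # Per-asset posture checks on the current snapshot.
    for host, asset in new.items():
        not_after = asset.get("tls_not_after")
        if not_after and (date.fromisoformat(not_after) - today).days <= expiry_days:
            report["expiring_certs"].append(host)
        fp = fingerprint(asset)
        gaps = [name for name in ("hsts", "csp") if not fp[name]]
        if 443 in asset["ports"] and gaps:
            report["missing_headers"][host] = gaps
    report["expiring_certs"].sort()
    return report


if __name__ == "__main__":
    for key, value in diff_snapshots(YESTERDAY, TODAY, date(2024, 11, 20)).items():
        print(f"{key}: {value}")
```

Run against the constructed data, the report flags the new promo host (horizontal drift), the legacy host that disappeared, the unexpected port 8443 on the main site, a certificate on the new host expiring within 30 days, and the absence of HSTS and CSP on that host. In practice the snapshots would come from your own automated scans on a fixed schedule, and the report would feed a ticketing or alerting pipeline rather than stdout.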

Visit the Tenable.asm product page to learn more about attack surface management.
