Background
The result of a rapidly changing digital environment,
Extended attack surface
In the era of digital transformation, the attack surface of companies has expanded significantly.
As a result, security vulnerabilities inside and outside the company have increased rapidly, and companies are at greater risk than ever before.
withASM
01
Integrated management of asset-based threat detection
Scan and inventory all of the organization’s digital assets
Mapping and visualizing relationships between discovered assets
Track changes to assets and continuously monitor them
03
Risk management strategy and response
Integrate asset management and vulnerability management into one process
Establish an enterprise-wide risk management strategy by providing continuous attack surface management and visibility into findings
02
Automated risk analysis and assessment
Continuous vulnerability scanning of discovered assets
Severity/impact assessment of discovered vulnerabilities (CVE, CWE, CAPEC)
Detect vulnerabilities and misconfigurations within the attack surface
04
Context-based impact analysis
Automated playbook for Event → Ticket → Incident → Risk Scoring
Integrated security control system and risk management system are managed as a single process
Features
Establish a quantitative risk management strategy through withASM
Integrated management of assets, vulnerabilities, and threats
Quantitative impact/risk analysis
Preemptive evaluation system/response management automation (orchestration)
Features
Asset Discovery Management
Asset scanning in various environments
Identify known and shadow IT assets
Link with asset management systems such as ITSM
Asset Relationship Mapping
Partner and third-party relationship mapping
Dependency analysis between assets
Create and visualize asset relationships (asset importance, shadow IT classification, etc.)
Implement asset change tracking
Detect asset configuration changes
Track new asset addition/removal
Asset change history management
Effect
Optimal response to network security policy (MLS)
Manage vulnerabilities from the perspective of external attackers by identifying internal and external assets of the rapidly changing security environment system due to network security policy (multi-layer security system, MLS)
Reduce compliance certification costs and time
Information Security Management System Certification (ISMS), which costs several months and tens of millions of won, can be implemented with withASM
Attack surface management
Quantified risk assessment according to asset importance by identifying the importance of assets identified through TI and asset scanner and mapping vulnerabilities