$0+

ASM Standard Operating Procedure Framework

0 ratings
I want this!

ASM Standard Operating Procedure Framework

$0+
0 ratings

This document outlines a continuous process to identify, monitor, and manage a company’s web attack surface exposed on the Internet using open-source tools. This approach helps organizations maintain an up-to-date inventory of their exposed services, reduce risks, and detect shadow IT.

$
I want this!

Standard Operating Procedure (SOP): Continuous Web Attack Surface Identification using Open-Source Tools

Attack surface: The set of entry points where attackers can try to exploit a system.
Attack vector: Methods used by attackers to breach systems or networks.
Shadow IT: The use of IT systems without the IT department’s approval.
Reconnaissance: Techniques to secretly gather information on a target system.
Red Team exercises: Simulated attacks that assess the security of an organization’s systems.
Domain name: A label that identifies a network domain.
Certificate transparency: Public logs of issued TLS certificates to detect suspicious activity.
External Attack Surface Management (EASM): Management of internet-facing assets to uncover hard-to-detect threats.
Content Management System (CMS): Software to manage digital content creation and modification.
Network ACL: Rules that control access to a computer network.
Vulnerability scanner: Tools used to detect vulnerabilities in systems and networks.
Configuration Management Database (CMDB): Database that tracks relationships between hardware, software, and networks in an organization.
Copy product URL