External Attack Surface Management (EASM) refers to the processes, technology and managed services deployed to discover internet-facing enterprise assets and systems and associated exposures which include misconfigured public cloud services and servers, exposed enterprise data such as credentials and third-party partner software code vulnerabilities that could be exploited by adversaries. EASM provides valuable risk prioritization and context and actionable information through regular or continuously monitoring and discovery for external-facing assets and systems. External attack surface management is a top priority for security teams and security risk managers.
TI products and services deliver knowledge, information and data about cybersecurity threats and other organization-specific threat exposures, including but not limited to indicators of compromise (IOCs), threat actor attribution and campaigns. The output of these products and services aim to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce risk and the chance of being compromised.