Attack Surface Management: Avoiding Device Whack-a-Mole
Report Summary
Attack Surface Management: Avoiding Device Whack-a-Mole
October 5, 2022 – Chief information security officers (CISOs) face unseen and unmanaged assets, resulting in poor asset hygiene and exploitable areas of an IT estate. Various cybersecurity solutions attempt to discover computing assets, but few are equipped to identify today’s expansive and complex attack surfaces. ASM solutions help ensure CISOs have purview of the IT assets they’re entrusted to protect.
This Impact Report examines the state of the ASM market using primary and secondary research. Aite-Novarica Group looked at nearly 100 ASM vendors to understand the market trajectory, vendors, and investments. Vendors that actively marketed an ASM product are included in this report as direct participants or listed in the ASM vendor directory. Aite-Novarica Group invited myriad ASM vendors to participate in primary research, consisting of a questionnaire, interviews, and product demonstrations.
This report profiles the following vendors: Bishop Fox, Cequence Security, CybelAngel, DeviceTotal, Group-IB, Halo Security, ImmuniWeb SA, Intruder, LookingGlass Cyber Solutions, Outpost24, Panaseer Limited, Pentera, Praetorian Security, Recorded Future, RedHunt Labs, Reposify, Scarlet, Sevco Security, and SynerComm.
This 117-page Impact Report contains 14 figures and 33 tables. Clients of Aite-Novarica Group’s Cybersecurity service can download this report and the corresponding charts.
This report mentions 3wSecurity LLC, 406 Ventures, Accomplice, Alcur, Alibaba, AirTrack Software Pty Ltd., AlbionVC, AllegisCyber Capital, Alsop Louie Partners, Amplicy Inc., appNovi Inc., Arctonyx LLC, Assetnote Pty, Avertium, Aviram Jenik, Awz Ventures, Axonius Inc., Balbix, Bill Wood Ventures, Bit Discovery Inc., Blackstone, Bpifrance, Brandefense, Brinqa LLC, Bugcrowd Inc., C2SEC Inc., Carbon Black, Carrick Capital Partners, Cavelo Inc., Censys Inc., Center for Internet Security, Cisco Investments, Cloudflare Inc., Cloud House Technologies Ltd., CloudShield, Coalfire Systems Inc., CODA Intelligence, CrowdStrike, CTM360, Cyber Legion Ltd., Cyberint Technologies Ltd., Cybersprint BV, Cyberpion Ltd., CyCognito Inc., Cylance, Cymulate Ltd., Darktrace, Data Theorem Inc., Dell Technologies Capital, Detectify AB, DigitalOcean, Digital Shadows Ltd., EdgeScan, Eastward Capital Partners, Evolution Equity Partners, Expanse, F-Secure, FireCompass Inc., FireEye Inc., First Rays Venture Partners, Fluid Attacks, Inc., Forgepoint Capital, FortifyData, Google Cloud, HackerOne Inc., Hadrian, Halo Security, HarbourVest Partners, Hiv Pro Inc., Horizon3.ai, IBM, Icon Ventures, Illusive Networks Ltd., Informer, Insight Partners, International Organization for Standards, Intrigue, Joule Ventures, JupiterOne Inc., K1 Investment Management, Kleissner & Associates, Lucidum Inc., M87 Cyber Security Inc., Mandiant, Marvel, McKinsey & Company, Menlo Ventures, Microsoft, Monterro AB, MU Dynamics Inc., National Institute of Standards and Technology, Netenrich Inc., NetSPI LLC., Noetic Cyber, NopSec Inc., Neuberger Berman, New Spring Capital, Notion Capital, Ometria, Open CNP, Paladin Capital Group, Palo Alto Networks Inc., Phobos Group, Prime Venture, ProjectDiscovery.io, Pcysys, Qualys Inc., Rackspace, Randori Inc., Rapid7 Inc., RapidFort Inc., Ravelin, Reciprocity Inc., Recorded Future Inc., RedHunt Labs, Reposify Ltd., Rescana Ltd., Resilient X, RiskIQ Inc., RiskXchange, River Security, Saporo SA, Saxo Bank, Securin, SecurityTrails, Shasta Partners, Silent Breach, Skybox Security Inc., Sn1perSecurity LLC, SYN Ventures, SOCRadar, spiderSilk Security DMCC, Swedbank Robur, Sweepatic Security NV, Symantec, TAU Ventures, Team Cymru, Templarbit Inc., TempCap, Tenable Holdings Inc., The Security Bureau, ThreatNG Security, Trend Micro Incorporated, Triangle Peak Partners, TrustedSite, UpGuard Inc., U.S. Army Research Office, Vitruvian Partners, vInenta, WithSecure, and Zero Networks Inc.