- Meta's new $299 Quest 3S is the VR headset most people should buy this holiday season
- One of the best cheap Android phones I've tested is not a Samsung or Motorola
- 5 biggest announcements at Meta Connect this week (including an AR glasses prototype)
- The Samsung phone that I recommend to most people just got unseated by a surprise pick
- Apple's M2 MacBook Air just dropped to $799 way ahead of October Prime Day
Attack Surface Management Partner Bit Discovery Bolsters Offering
Security starts with visibility: you can’t protect what you can’t see. And yet, this is a perennial problem in cybersecurity. We’re excited to bring attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets (devices, identities, applications) but also external, Internet-facing assets. And we’re doing the latter in partnership with Bit Discovery, an innovative start-up founded by Jeremiah Grossman (previously co-founder of WhiteHat Security).
How bad is the attack surface visibility problem? The Trend Micro incident response team provides a big-picture view, estimating that over the last two years, roughly 50% of the serious incidents they handled began when an attacker compromised an unknown and/or vulnerable external-facing asset. (And if you’re wondering about the other 50%, almost all of that originated from phishing.)
Why is it so challenging to obtain a comprehensive view of the attack surface (and to keep it current after that)? There are many factors that contribute: organizations have shifted to SaaS and cloud services, employees have embraced work from home, shadow IT projects launch initiatives outside of regular processes, acquisitions broaden the attack surface overnight, and the visibility across this dynamic environment is frequently siloed in various commercial and home-grown tools – or is simply nonexistent.
To address this challenge, automated attack surface discovery is needed – but it must be accompanied by risk assessment and prioritization, otherwise, it will result in even more noise for already-overwhelmed security teams. Thousands of assets discovered, hundreds have serious vulnerabilities or misconfigurations – what needs to be targeted first? That’s the solution we’ve set out to deliver, with embedded technology from Bit Discovery helping discover the particularly vulnerable Internet-facing assets.
A modern attack surface discovery approach needs to leverage a range of telemetry sources in order to achieve broad visibility. Trend Micro’s Vision One performs discovery by synthesizing telemetry from Trend Micro products but also integrations to infrastructure and security products such as Azure Active Directory, Office 365, Qualys, Okta, Amazon AWS, Microsoft Azure, and more, along with the embedded functionality from Bit Discovery.