Skip to content

Why is Gartner Talking About External Attack Surface Management (EASM): Critical Insights, Common Use Cases , MITRE ATT&CK framework & More

hubspot landing page logos 8
According to Gartner, EASM is an emerging product set that supports organizations in identifying risks coming from internet-facing assets and systems that they may be unaware of threats such as shadow IT, exposure management, expanding attack surfaces, and more. Continuous Automated Red Teaming (CART) and Penetration Testings are essential defense-in-depth components to mitigate those persistent threats. This panel discussion touches upon how to use vulnerability scans and manual pen test results to build a focused attack simulation plan.

Key Discussion Points:

  • What is EASM?
  • What are the key capabilities of EASM tools?
  • Common Use Cases of External Attack Surface Management
  • Difference Between EASM and DRPS (Digital Risk Protection Services)
  • Effective strategies deployed by industry-leading organizations
  • How testing external perimeters can validate what can/cannot be discovered and exploited with automation
  • Overview Of MITRE ATT&CK framework


Paul DiBello

Paul Di Bello

Ed Adams

Ed Adams
Security Innovation

Register Now & Get Access


Bikash Barai
CISO Platform & Firecompass

Tejas Shroff

Tejas Shroff
Sr. Director, Managed Security Services
NTT DATA Services

"The tool has exceeded our expectations"

- Risk Manager, Sprint USA (now part of T-Mobile)
Sprint Logo 2

Single Platform For Continuous Discovery & Testing Of Your External Attack Surface

External Attack Surface Management (EASM)

Identify all IPs, Applications, exposed database/cloud buckets, code leaks, leaked credentials, vulnerabilities, exposed test/pre-production systems, etc.

Continuous Automated Red Teaming (CART)

Launches multi-stage attacks on your attack surface and identifies the breach and attack paths.

Ransomware Attack Surface Testing (RAST)

Discover ransomware attack surface and it’s risk by scanning entire internet for risky assets potentially belonging to the organization