ZeroFox has introduced a new External Attack Surface Management (EASM) module on the ZeroFox platform to see and secure external assets. The new capability builds upon ZeroFox’s existing best-in-breed solutions in Digital Risk Protection and Threat Intelligence, offering a single vendor to discover and protect assets outside the perimeter.
Digital transformation, hybrid work and complex software supply chains have all led to an unprecedented expansion of unknown and unmanaged assets, systems and exposures across the external attack surface. According to ESG, nearly 70% of organisations have experienced a cyberattack due to the exploitation of an unknown, unmanaged, or poorly managed internet-facing external asset. ZeroFox EASM offers automated discovery and enumeration of these commonly-exploited assets, including subdomains, IP addresses, software, and security certificates. Organisations can now prioritise and address potential exposures to reduce risk and erode the attacker’s advantage.
Unlike standalone EASM providers, ZeroFox differentiates by providing a single, comprehensive platform for EASM, Digital Risk Protection, and Threat Intelligence. This complementary approach reduces manual burdens with automated processes and technology, giving security teams comprehensive visibility and control over their external attack surface. And with Gartner predicting that by 2025, 60% of organisations will use a converged EASM and DRP solution from a single vendor, the combination of these capabilities is attractive for security teams looking to get the jump on streamlining their technology stack.
“Today’s announcement reinforces ZeroFox’s steadfast commitment to proactively protecting our customers against external cyber threats in a single, unified platform,” said ZeroFox’s Founder and CEO, James C. Foster, “With ZeroFox EASM, security teams gain greater control over their digital footprint with an automated way to discover, monitor, protect and improve resilience across the enterprise external attack surface.”
ZeroFox External Attack Surface Management allows security teams to:
Discover external assets: Automatically discover internet-facing assets across your digital footprint. Identify exposed systems, subdomains, IP addresses, outdated software, security certificates, and services that may be visible to an attacker.
Summarise and prioritise risk: Continuously correlate exposures to assets, with an intuitive dashboard offering a centralised view of your attack surface with clear risk scoring and AI-driven remediation recommendations to focus security efforts where time is critical.
Uncover Shadow IT: Leverage powerful searches to uncover unknown or forgotten assets linked to your domains and IP ranges. Preemptively explore your external attack surface to identify exposed systems before adversaries can discover them.
ZeroFox’s launch of External Attack Surface Management is a significant milestone for the company – it marks another major milestone after the company’s acquisition of LookingGlass Cyber Solutions in April 2023, integrating their award-winning, industry-validated technology into ZeroFox’s external cybersecurity platform. Coupled with the existing strength of Digital Risk Protection and Threat Intelligence, ZeroFox now provides organisations with exceptional visibility and defense against a majority of external cyber threats.