Attack Surface Management (ASM)

...Powered by Cygienic vCISO

Research Image


Continuously Monitor Your Company's Attack Surface Rating.




Attack Surface Management (ASM)

Attack Surface Management refers to identifying, assessing, and analyzing the vulnerabilities and potential entry points that malicious actors could exploit to gain unauthorized access to an organization. It involves identifying and mapping all the components and assets that make up an organization's internet infrastructure, such as a company's website, email server, and web applications. 

Attack Surface Scanner    

The attack surface scanner is an algorithmic generative technology, which provides a detailed analysis of any company's cybersecurity risk profile. All told, there are 55 cybersecurity controls assessed, all of which are passive and non-intrusive to any company's defense technologies. In essence, the scan probes for cybersecurity weak points, without being detected, or attempting to break in and then takes the results to calculate a risk profile and a remediation plan.   

Attack Surface Grade

When a control assessment is complete, the algorithm calculates a grade (A to E) which determines the company's cybersecurity risk profile. An example, a company with an 'E' grade would indicate its cybersecurity posture as poor and requires immediate attention to secure its defense.  


          % Score 
A+  Leader              points between 93-100%      
A    Advanced     points between 85-92%
B+  Excellent  points between 79-84%
B    Good  points between 73-78%
C+  Average  points between 62-72%
C    Low  points between 55-61%
D+  Poor  points between 47-54%
D    V.Poor  points between 40-46%
E    Critical  points between 00-39%


Attack Surface Risk Weighting

Security Checkpoints  Control 
Email Security e.g email phishing protection           6                   25                 11%       
Webpage Security e.g cookie protection  11 36 15%
Data Security e.g data privacy GDPR  9 32 14%
System Compromised e.g botnet & malware 5 40 17%
System Vulnerabilities e.g CVE & patch mgt 8 59 26%
Network Open Ports e.g bad ports open  16 38 17%
TOTAL  55 Controls  230 points  100% A+

Cyber Ratings Accuracy

Our cybersecurity risk ratings are a reliable and trustworthy source of information for assessing the risk profile of a business. All our ratings are aligned with industry security standards, including the *US Commerce of Trade - Principles For Fair And Accurate Security Ratings, *National Institute of Standards and Technology - NIST NVD CVE, and the *Common Vulnerability Scoring System - CVSS V3.0.  By aligning with these established standards, our risk ratings provide a more accurate and objective assessment of your company's security profile. 

The Cygienic vCISO platform is a leading provider in attack surface management.


Enroll today to immediately unlock entry to our demo site or get acquainted with Cygienic vCISO through our demo videoIf you're interested in subscription choices, reach out to To directly purchase a Cygienic vCISO subscription, visit


Top Arrow