Attack Surface Management (ASM)

...Powered by Cygienic vCISO

Research Image

 

Continuously Monitor Your Company's Attack Surface and Ratings.

Attack Surface Management refers to identifying, assessing, and analyzing the vulnerabilities and potential entry points that malicious actors could exploit to gain unauthorized access to an organization.  It involves identifying and mapping all the components and assets that make up an organization's internet infrastructure, such as a company's website, email server, and web applications.

The attack surface scanner is an algorithmic generative technology, which provides a detailed analysis of any company's cybersecurity risk profile. All told, there are 55 cybersecurity controls assessed, all of which are passive and non-intrusive to any company's defense technologies. In essence, the scan probes for cybersecurity weak points, without being detected, or attempting to break in and then takes the results to calculate a risk profile and a remediation plan.   

 

Attack Surface Grade

When a control assessment is complete, the algorithm calculates a grade (A to E) which determines the company's cybersecurity risk profile. An example, a company with an 'E' grade would indicate its cybersecurity posture as poor and requires immediate attention to secure its defense.  

        Grade       

          % Score 

A+  Leader             

points between 93-100%      

A    Advanced    

points between 85-92%

B+  Excellent 

points between 79-84%

B    Good 

points between 73-78%

C+  Average 

points between 62-72%

C    Low 

points between 55-61%

D+  Poor 

points between 47-54%

D    V.Poor 

points between 40-46%

E    Critical 

points between 00-39%

 

Attack Surface Risk Weighting

Security Checkpoints 

Control 
Checks 

Total
Points

Total
Weight

Email Security e.g email phishing protection 

         6         

         25         

       11%       

Webpage Security e.g cookie protection 

11

36

15%

Data Security e.g data privacy GDPR 

9

32

14%

System Compromised e.g botnet & malware

5

40

17%

System Vulnerabilities e.g CVE & patch mgt

8

59

26%

Network Open Ports e.g bad ports open 

16

38

17%

TOTAL 

55 Controls 

230 points 

100% A+

 

Cyber Ratings Accuracy

Our cybersecurity risk ratings are a reliable and trustworthy source of information for assessing the risk profile of a business. All our ratings are aligned with industry security standards, including the *US Commerce of Trade - Principles For Fair And Accurate Security Ratings, *National Institute of Standards and Technology - NIST NVD CVE, and the *Common Vulnerability Scoring System - CVSS V3.0.  By aligning with these established standards, our risk ratings provide a more accurate and objective assessment of your company's security profile. 

 

Contact sales@cygienic.com for Cygienic subscriptions.

Top Arrow