Gain insight into your external attack surface
Gain comprehensive visibility into all your internet-connected assets, services, and applications to better understand your organization’s full digital footprint and better assess and manage risk.
Tenable Attack Surface Management (formerly Tenable.asm) continuously maps the entire internet and detects connections to internet-facing resources, so you can discover and assess the security posture of your entire external attack surface.
Know your attack surface
Take advantage of the world’s largest attack surface map with 5 billion web assets from over 500 data sources.
Gain insight
Establish your entire attack surface in minutes, instead of months, with minimal configuration.
Understanding the business context
Easily categorize assets using 200 metadata fields and comprehensive filtering to make informed decisions.
Monitoring changes
Get an up-to-date view of your assets as your attack surface changes with daily or bi-weekly data refreshes.
Strengthening security
Proactively ensure that settings and configurations are configured with security in mind.
Monitoring changes
Continuous monitoring and archiving of all changes occurring in the AD environment (users, groups, OUs, GPOs, etc.)
Easy risk assessment
Run vulnerability scans and scan newly discovered assets in just a few clicks to understand your threats.
Attack Surface Visibility
Gain access to any internet-accessible resource, from web servers to IoT devices and network printers. Tenable Attack Surface Management has one of the largest attack surface maps in the world, with over 5 billion internet resources from over 500 data sources.
Use the largest attack surface map in the world, with 5 billion internet resources from over 500 data sources.
Unlimited top-level domains
Tenable Attack Surface Management allows you to select all domain names you want to discover and analyze. Mitigate cyber risk and prevent potential threats by knowing what you have. You can also reveal the attack surface of current and potential competitors to identify strategic opportunities for your organization. You can also view all online assets of a potential M&A target as part of due diligence to identify risks early.
Continuous data refreshing
The attack surface is highly dynamic, with new assets constantly appearing, changing, or disappearing. This makes tracking all changes very difficult, and the impact on cybersecurity risk almost impossible to understand. Tenable Attack Surface Management continuously updates data to ensure the most up-to-date version of your attack surface, and users can choose a refresh rate—biweekly or daily, depending on organizational requirements.
Attack surface change alerts
Tenable Attack Surface Management helps you easily analyze changes in your attack surface with subscriptions, which are custom lists of assets. Assets are based on user-defined criteria and update automatically. You can choose from over 100 different events related to compliance, technology, exposure, and more, and receive automatic updates and alerts as new and important changes occur.
Rich resource context and attribution
Tenable Attack Surface Management enriches billions of internet-accessible assets with over 200 metadata fields, such as CMS type, TLS certificate, expiration date, physical geo-IP location, and cloud or CDN provider, to help you make more informed decisions. Understand the potential threat of fingerprinting, port scanning, and more. Instantly refresh asset details and review asset history to see changes.
Suggested domains
Tenable Attack Surface Management discovers domain names associated with assets in your organization and automatically suggests them, along with detailed information about why a domain might be owned by a user. This helps uncover domain names you may not be aware of. Users have full control over which assets are added to the inventory after ownership verification.
Resource management
Tenable Attack Surface Management helps you easily sort and manage assets based on filters, tags, data types, and more. You can select and apply filters to help you see which assets are most important to your organization. Apply tags based on asset information to streamline asset management.
Well-documented API
Tenable Attack Surface Management lets you create your own custom integrations by leveraging a fully documented RESTful API to support security systems and workflows.
Full integration with Tenable solutions
Tenable Attack Surface Management is fully integrated with Tenable Vulnerability Management, Tenable Security Center, and Tenable Web Application Scanning, so you can quickly take action on newly discovered web assets. You can create vulnerability and web application scans with just a few clicks to close any dead ends. This provides a unified view of data and vulnerabilities and provides important context on potential attack paths from external systems to critical assets.
