Can you Ever Know Thyself: Cloud Attack Surface Management, a Google Cloud Security Podcast
In this 20-minute podcast, you’ll learn about the emerging, cloud security technology Attack Surface Management (ASM): what it does, why it’s needed, and how companies should be operationalizing it. We’ll clarify the difference between this and existing technology, such as vendor risk management and vulnerability management, and highlight why the CloudSec community should look at how ASM can be integrated with their current strategy and tools.
The Google team and Derek touch on how ASM vendors are able to find those assets that may have been misplaced on the public Internet and the reliability of the results given by ASM tooling. Lastly, they’ll discuss the fact that the challenges that ASM solves have been around for years, but the volume has exploded and the risks are abundant and complex. How do you prioritize these risks in a dynamic digital environment? Take a listen and find out.
Listeners will learn the answers to questions like:
- What Attack Surface Management is, why it’s needed, and how they should think about operationalizing it.
- When you think about the threats organizations face due to unknown assets, is data theft at the top of the stack? What should organizations keep in mind as a priority here?
- Who at an organization is best set up to receive, triage, investigate, and respond to the alerts about the attack surface?