Skip to content
Attack Surface Management 101: Your Guide to Total Visibility | Download Today
Blog

Insights from the 2022 RSA Conference

Share

June 17, 2022
Tags: Events

Censys at RSAOur team headed out to San Francisco last week to attend the RSA Conference. We were there to spread awareness of Attack Surface Management and reveal the risks of internet exposure. But we also wanted to hear from the cybersecurity community about what was top of mind. That said, here’s what we learned.

Organizations have an incomplete view of their external exposure

Most attendees we talked to already had solutions in place to monitor the assets within their known IP ranges and were using some sort of vulnerability management tool, but not one attendee felt confident they knew their complete outside-in view of their assets exposed to the internet. It’s difficult – it’s a moving target every single day to know what your risks are.

Teams are wary of what assets ASM solutions surface

It was interesting to hear that ASM has somewhat of a bad reputation given the lack of clarity some vendors provide in their surfaced assets and the amount of false positives or noise that is produced.

The reason ASM has a reputation for false positives is because most solutions don’t have the appropriate data and knowledge of the internet. Other solutions also are not refreshing your attack surface quickly enough which results in presenting stale data. This is what sets Censys apart. We scan the entire internet regularly and give the most accurate and holistic view of your external attack surface. By automating scans through our ever-expanding dataset, we can accurately surface shadow IT and discover all assets associated with your organization. And to prove what we brought in is legitimate, we also show our work on every asset.

Organizations want to reduce their workload

One thing we kept hearing over and over again was that attendees and organizations need a solution that doesn’t require hiring and training more employees. By hooking into the tools your organization already uses, Censys is able to sit on the front-line, continuously discovering new assets or changes to existing assets. It can then feed that information into SEIMs for long-term historical changes or alerting, vulnerability management tools for deeper scans, or into any other system that would benefit from an external asset inventory source of truth. We are able to fill a major security gap and the best part is we already have your missing piece. There is no work that needs to be done on your end to see your organization’s internet exposure; that’s the hard part and we’ve already done it.

Did you miss Censys at RSA?

RSA is always a whirlwind of activity, so if you didn’t get the chance to stop by our booth to chat, please feel free to reach out to us. You also still have the opportunity to get a custom attack surface for your organization through a demo with our sales team. You can sign up for your tailored demo below.

Schedule a Demo

About the Author
Tanner Embry
Tanner Embry
Senior Solutions Engineer
Tanner supports new business in Enterprise Sales in the central region, with a focus on large Fortune 500 scale customers. He comes from a background in software engineering and provides insights about topics like architecture, security, implementation, and snowboarding.
Attack Surface Management Solutions
Learn more