Security news aggregator

Latest coverage for Attack Surface Management

Attack Surface Management identifies exposed assets and weaknesses so defenders can reduce unknown entry points, prioritize fixes, and limit attacker access.

42 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Attack Surface Management continuously identifies and monitors all digital assets an organization exposes to potential attackers, including internet-facing systems, cloud resources, APIs, employee devices, and third-party connections. This process reveals where vulnerabilities or misconfigurations might exist, which attackers could exploit to gain unauthorized access or move laterally within networks.

Maintaining an accurate, up-to-date inventory of assets enables targeted vulnerability scanning and prioritizes remediation efforts. It also uncovers shadow IT and forgotten resources that often lack security controls. Automated discovery and monitoring tools help sustain visibility over evolving attack surfaces, reducing the risk of exploitation through unknown or unmanaged entry points. This practice is essential for minimizing exposure and supporting effective defensive operations.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 42 Filtered view

When You Consume AI, You Inherit Every Upstream Risk You Can't SeeMost enterprises don't build AI, they consume it through APIs, open-source models and orchestration frameworks. Each layer inherits upstream risk with little visibility. This piece maps the four-layer AI supply chain and the existing security disciplines that bring it under control.

Bank Info Security 1 month, 2 weeks ago

AI Agents Present Massive New Attack Surface

With Great Capabilities Comes Great RiskArtificial intelligence agents have well and truly arrived and companies of all kinds are rushing to deploy them. But experts warn that agentic AI brings with it a massive new attack surface and highlights the need for a comprehensive, systemic approach to AI security and governance.

Bank Info Security 1 month, 2 weeks ago

How to Secure AI Agents Before They Breach Your Stack

Rinki Sethi of Upwind Security on Fixing Identity Gaps in Agentic AIAgentic workflows introduce layered attack surfaces where each step can pass policy checks yet still cause a breach. Rinki Sethi of Upwind Security says threat modeling and identity governance must be built into agents from the start.

AI Adoption Is Accelerating, but Workforce Capability Isn't Keeping PaceTechnology will continue to evolve. AI will embed itself across enterprise environments and attack surfaces will expand regardless of organizational readiness. The real challenge lies on the upskilling side, where the gap is widening - often without immediate visibility.

Bank Info Security 3 months, 2 weeks ago

The Open Back Door: Industrial Remote Access

Why Remote Access to Industrial Operations Is the Biggest Unmanaged RiskRemote access has become one of the largest unmanaged attack surfaces in industrial operations. Legacy VPNs and jump servers expose OT environments to serious risk. Learn how Cisco Cyber Vision's Secure Equipment Access can secure vendor and engineer access while protecting critical infrastructure.

Bank Info Security 3 months, 2 weeks ago

Data Diodes Have Become Essential to Modern OT Cybersecurity

Segmentation Mandates Make One-Way Data-Flow Architectures EssentialData diodes are re-emerging as a preferred control as IT-OT convergence expands the industrial attack surface and regulators tighten segmentation mandates. Hardware-enforced, one-way data flow offers provable isolation for critical infrastructure and growing executive accountability.

Bank Info Security 3 months, 2 weeks ago

AI Agents Redefine Enterprise Cybersecurity Risk

Menlo Ventures' Rama Sekhar on Securing AI Agents and Non-Human IdentitiesAs AI evolves from assistants to autonomous agents, enterprises face a new attack surface driven by non-human identities. Rama Sekhar, partner at Menlo Ventures, explains why visibility, governance and AI-driven remediation are critical to securing this evolution.

Segmentation Mandates Make One-Way Data-Flow Architectures EssentialData diodes are re-emerging as a preferred control as IT-OT convergence expands the industrial attack surface and regulators tighten segmentation mandates. Hardware-enforced, one-way data flow offers provable isolation for critical infrastructure and growing executive accountability.

Bank Info Security 4 months, 4 weeks ago

Koi Purchase Bolsters Palo Alto's AI Attack Surface Defense

$300M Acquisition Strengthens Palo Alto Networks' XDR and AI Governance PlatformPalo Alto Networks plans to acquire Koi Security for $300 million to address growing AI-driven endpoint risks. The startup's technology adds deep visibility into AI agents plug-ins and nonbinary code, enhancing Cortex XDR and Prisma AIRS as enterprises confront a growing unmanaged AI attack surface.

Early-Stage Startup Acquisitions Add Agent Visibility, Asset Management, MSP ToolsCheck Point is accelerating its AI security and exposure management strategy with three acquisitions targeting agentic AI, internal asset attack surface management and MSP-focused unified management. The company says the deals strengthen platform consolidation and automated remediation.

Bank Info Security 6 months ago

Overcoming Machine Identity Overload

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIEnterprises are embracing modernization by adopting artificial intelligence tools, automation and DevOps-driven development in the cloud, but these new platforms have introduced an attack surface saturated with human and machine identities, said CyberArk's Barak Feldman and Accenture's Rex Thexton.

Bank Info Security 6 months, 1 week ago

The Enduring Attack Surface of VPNs

Paper Traces Pandemic-Era Spike in AttacksOne way to look at the novel coronavirus pandemic: A societal experiment in how an oft-overlooked yet essential element of secure networking would stand up to an exploding user base. Unsurprisingly, the rapid uptake of virtual private networks by companies suddenly managing a remote workforce came with significant security costs.

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIFinancial services organizations are accelerating modernization efforts by adopting artificial intelligence, automation and DevOps-driven cloud development, but these initiatives have dramatically expanded their attack surface. As banks and financial enterprises rely more heavily on non-human identities to power applications, integrations and AI-driven workflows, security leaders are struggling to manage the volume, velocity and variety of machine identities across cloud and on-premises environments, said Barak Feldman, senior vice president of solutions engineering at CyberArk, and Rex Thexton, senior managing director at Accenture.

Bank Info Security 6 months, 1 week ago

Overcoming Machine Identity Overload

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIEnterprises are embracing modernization by adopting artificial intelligence tools, automation and DevOps-driven development in the cloud, but these new platforms have introduced an attack surface saturated with human and machine identities, said CyberArk's Barak Feldman and Accenture's Rex Thexton.

Bank Info Security 6 months, 4 weeks ago

Farm Forecast: Cloudy With a Chance of Hacking

Precision Agriculture Boost Yields but Opens Farmers to Cybersecurity RiskPrecision agriculture is transforming U.S. farming with sensors, drones and automation, boosting productivity yields. But growing digital dependence is also expanding the attack surface, exposing farms to ransomware, disruption and rising cybersecurity risk.

Bank Info Security 7 months, 1 week ago

US, Allies Warn AI in OT May Undermine System Safety

AI in OT May Trigger Cascading Infrastructure FailuresThe U.S. cyber defense agency warned that machine learning and large language model deployments can introduce new attack surfaces across critical infrastructure sectors in a document setting out principles for safely integrating AI into operational technology.

Loading more headlines...