Security news aggregator

Latest coverage for Attack Surface Management

Attack Surface Management identifies exposed assets and weaknesses so defenders can reduce unknown entry points, prioritize fixes, and limit attacker access.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Attack Surface Management continuously identifies and monitors all digital assets an organization exposes to potential attackers, including internet-facing systems, cloud resources, APIs, employee devices, and third-party connections. This process reveals where vulnerabilities or misconfigurations might exist, which attackers could exploit to gain unauthorized access or move laterally within networks.

Maintaining an accurate, up-to-date inventory of assets enables targeted vulnerability scanning and prioritizes remediation efforts. It also uncovers shadow IT and forgotten resources that often lack security controls. Automated discovery and monitoring tools help sustain visibility over evolving attack surfaces, reducing the risk of exploitation through unknown or unmanaged entry points. This practice is essential for minimizing exposure and supporting effective defensive operations.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

Windows Admin Center flaws mean on-prem can attack cloud, and vice-versa Black Hat Asia Israeli researchers found a series of flaws in Microsoft's Windows Admin Center (WAC) and suggest this shows hybrid cloud management tools are a two-way attack surface that users don't spend enough time worrying about.…

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API keys by injecting malicious configurations into repositories, and then waiting for a developer to clone and open an untrustworthy project.…

More evidence that AI expands the attack surface Check Point researchers uncovered a remote code execution bug in popular vibe-coding AI tool Cursor that could allow an attacker to poison developer environments by secretly modifying a previously approved Model Context Protocol (MCP) configuration, silently swapping it for a malicious command without any user prompt.…

A cloud security platform that manages the attack surface and security vulnerabilities in AWS Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear what level of protection these provide.…

A huge attack surface for a vulnerability with various PoCs available The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching.…

The Register 2 years, 7 months ago

The XBOM vs SBOM debate

Why an eXtended Software Bill of Materials could be the next step up in cybersecurity Webinar A Software Bill of Materials (SBOM) has become a non-negotiable requirement to meet regulatory and buyer requirements. But does this provide enough protection if it can give only a partial view into interconnected and ever-changing application attack surfaces?…

Big Blue joins the hot market for infosec investment RSA Conference IBM has expanded its extensive cybersecurity portfolio by acquiring Randori – a four-year-old startup that specializes in helping enterprises manage their attack surface by identifying and prioritizing their external-facing on-premises and cloud assets.…