Page 74 - Cyber Defense eMagazine October 2023
P. 74
The Symbiotic Nature of ASM and Security Validation
The emergence of Continuous Threat Exposure Management (CTEM) practices has helped
organizations recognize the crucial role testing plays in keeping their systems secure. CTEM refers to
the ongoing processes of identifying potential exposures, testing how vulnerable they are to actual attack
tactics, and prioritizing their remediation. It is designed to prompt organizations to evaluate their security
capabilities on a continuous basis. ASM and Security Validation tools play an important, symbiotic role
here: ASM is used to generate a comprehensive view of the organization’s attack surface by creating a
blueprint of potential vulnerabilities and exposures and verifying; while Security Validation takes that
blueprint and puts it to the test by actively seeking out those exposures to test breach feasibility and
control efficacy.
The goal isn’t just to assess where vulnerabilities lie—it’s to understand which can be successfully
exploited and leave the organization vulnerable to attack. ASM can highlight attack paths, but only
validation can reveal whether adversaries can capitalize on them. For example, ASM may indicate a gap
in coverage for one security solution, revealing what looks like a dangerous attack path. But when tested,
Security Validation may reveal what appeared to be an exposure is actually protected by compensating
controls. This confirms that there is no actual path of attack for a threat actor to successfully leverage
and exploit that vulnerability. In that case, remediating that coverage gap may not be a high priority, and
the organization can focus on addressing other exposures that are not as well protected and leave them
vulnerable to attack.
Now Is the Time to Invest in ASM and Security Validation
Growing recognition of the need to verify the effectiveness of security controls has driven significant
innovation in the areas of ASM and Security Validation. Today’s most advanced ASM solutions can
provide businesses with visibility across their entire organization—including both on-premises and in the
Cloud. With businesses increasingly adopting Cloud and multi-Cloud environments (and attackers
frequently targeting them), it is important for ASM and Security Validation solutions to cover major public
Cloud providers. Similarly, attacks on containers are continuing to rise, and businesses need to be able
to secure their Kubernetes environments and validate the efficacy of the controls that protect them.
Fortunately, as ASM and Security Validation vendors continue to innovate, those capabilities are readily
available to today’s businesses. It's also important to note that this increased capability around Cloud
platforms does not remove the need for Security Validation and ASM across on-premises infrastructure.
Instead, advanced solutions take into account the various on-prem and hybrid configurations and
evaluate possible exposures both individually, and as a unified architecture.
Given the pressures to have visibility across cloud and on-premises environments, it is not surprising that
ASM and Security Validation were hot topics at this year’s Black Hat conference—and new technologies
like those showcased at the event will become essential for modern businesses. Solutions like the
Cymulate platform build on traditional Security Validation features to include Cloud and Kubernetes attack
simulation scenarios and templates, allowing businesses to conduct breach feasibility assessment and
gauge business risk from on-prem systems to the Cloud and back. As time goes on and innovation in
Cyber Defense eMagazine – October 2023 Edition 74
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.