Attack Surface Management use cases

Cortex XSIAM Documentation

Product: Cortex XSIAM
Creation date: 2024-03-06
Last date published: 2024-10-10
Category: Administrator Guide

Cortex XSIAM Attack Surface Management gives security and IT operations teams the visibility they need to reduce risk to the business by focusing remediation efforts on critical exposures and on assets that are out of compliance with policy. Cortex XSIAM automatically updates your asset lists and processes, providing a single source of truth about the assets tied to your organization, whether they are on-premises, reached through partners, or hosted in cloud providers.

Use cases include the following:

  1. Asset discovery and inventory management: Discover all of your internet-facing assets, including cloud instances, web applications, and IoT devices, and maintain an up-to-date inventory of those assets.

  2. Vulnerability management: Identify and remediate vulnerabilities in your internet-facing assets, reducing the risk of cyberattacks.

  3. Compliance: Enforce compliance policies by identifying and tracking changes in your attack surface, ensuring that all assets are properly secured and in compliance with industry standards.

  4. Incident response: Gain real-time insights into security incidents, so you can quickly respond to and mitigate potential threats.

  5. Certificate hygiene: Manage your SSL/TLS certificates by identifying expiring or vulnerable certificates and providing automated workflows to renew or replace them.

  6. DNS hygiene: Monitor your DNS records and ensure that they are properly configured, reducing the risk of DNS-related attacks.

  7. Mergers and acquisitions: Assess the security risks and identify potential vulnerabilities associated with mergers and acquisitions through visibility into the target company's internet-facing assets.