Though the term Attack Surface Monitoring (ASM) doesn’t specifically refer to external threats, that’s what this market currently focuses on. In short, products in this category aim to catalogue and help manage an organization’s exposed assets.
RiskIQ is a great example of where the freemium model works best. They’ve built an essential research tool, so even if someone wasn’t interested in their digital risk protection product, when a new offering like Illuminate comes along, RiskIQ has another opportunity to inform and upsell freemium users on new products.
The most notable aspect of Randori’s product is that it is split into two parts: Recon is a fully automated SaaS product that gathers information about a company’s exposed digital assets through both passive and active methods. Randori’s other product, Attack aims to go deeper with Recon’s findings.
ImmuniWeb occupies an interesting space in the ASM market. While it offers many features only seen in some of the more complex offerings, pricing is SMB-friendly.
AlphaWave is targeting the risk analysis and prioritization end of the ASM market. The product collects information on assets and attempts to identify issues and vulnerabilities. These findings are then prioritized for the customer.
While some ASM products left us wondering where the details were and other products buried us in discovered assets with no prioritization, Intrigue strikes a solid balance between the two.
CyCognito has one of the most functional, mature and stylized user interfaces (UI) of all the ASM tools we tested. The UI isn’t all flash and no substance, however.
