Attack surface mgmt

SW Labs | Test methodology: Attack Surface Management

April 22, 2021
  • Provide a comprehensive inventory of publicly accessible assets
  • Evaluate the risk represented by these assets, noting issues that should be addressed
  • Prioritize any issues discovered
  • Continuously monitor these assets, reporting any changes or new assets discovered
  • Perform 1-4 with as little input from operators as possible (put another way, value can be measured as analyst time saved)
  • Junior Security Analyst Salary: $50k USD ($70k) - $33.65/hr
  • Security Analyst Salary: $75k USD ($105k) - $50.48/hr
  • Senior Security Analyst Salary: $100k USD ($140k) – 67.31/hr
  1. Account setup process
  2. UI/UX navigation
  3. Time to discover asset information (some products require a day or two, while others return results in real-time from an existing database)
  4. Accuracy of results
  5. Usefulness and quality of reporting and dashboards
  6. Integration options
  7. API functionality
Adrian Sanabria

Adrian joined SC Media’s parent company, CyberRisk Alliance in 2020. He will focus primarily on cybersecurity product reviews, but will also provide industry insight trends for both SC Media and Security Weekly (another CyberRisk Alliance company). He brings two decades of industry experience, working as a practitioner, penetration tester, and industry analyst. He spent the last few years as an entrepreneur, challenging norms in sales and marketing for a variety of vendors. Adrian loves to cook, eat, hike, play music and regale his teenagers with stories of what the early days of the Internet were like.

prestitial ad