Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Chris Ray
- About GigaOm
- Copyright
1. Summary
The difficulties and challenges presented by rapid digital growth, cloud adoption, and the sprawling public IP space leave organizations unable to accurately identify their rapidly changing attack surface, creating more opportunities for attackers. Compounding this problem is the lack of visibility into the risks resulting from the dynamic nature of the attack surface. Attack surface management (ASM) tools provide value through the continuous discovery of and insight into an organization’s attack surface.
The attack surface encompasses all services, application programming interfaces (APIs), applications, IPs, and infrastructure, regardless of the host type (virtual machine or VM, container, or bare metal) or location (on-premises or cloud). ASM tooling builds a proper management process around the attack surface it identifies. This includes automated asset discovery and tracking asset details.
An organization’s attack surface is dynamic; it can change daily, if not more often, and tracking these changes in an automated fashion is crucial for an ASM solution. But simply knowing the entirety and composition of the attack surface is not sufficient. Delineating the types of assets in an attack surface as well as the severity of the risks rounds out an ASM solution’s value proposition.
ASM is a recent addition to an organization’s defensive tool set, and like other new technologies, it’s still evolving. As more vendors enter this space, they are compelled to innovate to differentiate from one another, so prospective buyers should keep in mind that the full potential of this space has yet to be realized.
This GigaOm Radar report highlights key ASM vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Attack Surface Management Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.