Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Innovation and Technology to Advance Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Innovation and Technology to Advance Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Cybersecurity

Attack Surface Management: How to Mitigate Risks and Patch Vulnerabilities

by Kelsey Winick
September 7, 2022
in Cybersecurity, Defense & IC
Reading Time: 3 mins read
A A
Attack Surface Management: How to Mitigate Risks and Patch Vulnerabilities
Share on FacebookShare on Twitter

Earlier this year serious vulnerabilities were detected in Log4j. The vulnerability, which made users’ devices exploitable through the use of the software has now been identified as endemic. For government agencies, this means that it’s more important than ever to manage this attack surface and eliminate the risks presented by this commonly used, open-source logging shell.

Log4j is widely used in applications like iMessage, to log security and performance information. Jonathan Cran, Vice President at Mandiant, explained in a recent webinar that “the challenge is that is it not immediately obvious whether an application is running Log4j since it can be running in the background.” Through attack surface management tools, agencies can run checks and queries throughout their environment to investigate where there could be potential vulnerabilities.

Attack surface management applications provide agencies with the tools to mitigate cybersecurity risks since the attack surface is expanding due to hybrid working. This leaves agencies in need of applications to defend their environments from bad actors, who are growing in sophistication and using automated tools to discover vulnerable assets, identify vulnerabilities, and launch attacks. According to Forrester, on average, attack surface management tools initially discover 30 percent more cloud assets than security and IT teams even know they have. Missing visibility of assets makes it difficult to manage from a security perspective, commented Michael Reynolds, Director of Product Marketing at Mandiant.

The capabilities of attack surface management applications include comprehensive visibility throughout the agency’s network, continuous monitoring for exposures, and operationalized intelligence. By first discovering unknown assets throughout the environment, agencies can then investigate and determine vulnerabilities. After establishing the potential threat vectors, agencies can continuously monitor those vectors and the overall system. If any exposures were to occur where potential attackers may break through, the application could prioritize patching those exposures. Attack surface management applications notify agencies where they are potentially at risk and vulnerable so that they can leverage the gathered insight to mitigate risk within the environment.

By integrating attack surface management tools, agencies can continuously monitor their environments to stay ahead of bad actors and be prepared to mitigate real world threats. As agencies continue with the hybrid work environment, it is increasingly essential to protect the perimeter and manage the agency’s IT environment.

To learn more about attack surface management, click here.

Tags: Attack Surface ManagementcybersecurityLog4jMandiantPatchingRisk Mitigation

RELATED POSTS

Identifying the Building Blocks for a Successful Zero Trust Journey
Civilian

Identifying the Building Blocks for a Successful Zero Trust Journey

January 24, 2023
Paving the Way to a More Secure Future: How Legislation Helps
Cybersecurity

Paving the Way to a More Secure Future: How Legislation Helps

January 12, 2023
Federal IT Priorities for FY23: Security, Defense, and Digital Government Experience Top the List
Cybersecurity

Federal IT Priorities for FY23: Security, Defense, and Digital Government Experience Top the List

January 10, 2023

TRENDING NOW

  • Advana

    Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    8514 shares
    Share 3406 Tweet 2129
  • CISA Issues Updated Guidance to Protect Federal Agencies Against Expected Onslaught of DDoS Attacks

    34 shares
    Share 14 Tweet 9
  • Network Slicing Enables Agencies to Create Private, Secure, and Customized Networks: A Podcast

    125 shares
    Share 50 Tweet 31
  • Identifying the Building Blocks for a Successful Zero Trust Journey

    43 shares
    Share 17 Tweet 11

CONNECT WITH US

Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisment Banner Ad Advertisment Banner Ad Advertisment Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us