{"id":14967,"date":"2021-02-08T10:20:26","date_gmt":"2021-02-08T17:20:26","guid":{"rendered":"https:\/\/xerosecurity.com\/wordpress\/?p=14967"},"modified":"2022-08-09T07:17:26","modified_gmt":"2022-08-09T14:17:26","slug":"continuous-attack-surface-management-with-sn1per-professional","status":"publish","type":"post","link":"https:\/\/sn1persecurity.com\/wordpress\/continuous-attack-surface-management-with-sn1per-professional\/","title":{"rendered":"Attack Surface Management With Sn1per Professional"},"content":{"rendered":"

External Attack Surface Management (EASM) has become a crucial function for every organization to gain visibility of their perimeter security. Having the right tools and processes in place is vital to detecting new vulnerabilities before attackers do. In this blog post, we will outline the basic steps for discovering the attack surface with Sn1per Professional<\/a>.<\/p>\n

<\/p>\n

Discover the External Attack Surface<\/h4>\n

Discovering the attack surface with Sn1per Professional<\/a> is easy. Simply enter the target domain name into the “Quick Commands” sections of the Command Execution Add-on v2.0<\/a> for Sn1per Professional<\/a> and enable the “Recon” option to gather all sub-domains. Set a daily, weekly or monthly scan schedule to continuously scan the attack surface.<\/p>\n

\"Sn1per-Professional-scheduled-discovery-scan2\"<\/a>

Sn1per-Professional-scheduled-discovery-scan<\/p><\/div>\n

Asset Inventory Management<\/h4>\n

Sn1per Professional<\/a> makes it easy to view the entire asset inventory or any target domain by clicking on the target workspace from the Workspace Navigator. This allows organizations to view all of their external facing assets and routinely scan for changes.<\/p>\n

\"sn1per-professional-v9.0-attack-surface-discovery1\"<\/a>

sn1per-professional-attack-surface-discovery<\/p><\/div>\n

Visibility and Risk Reduction<\/h4>\n

Sn1per Professional<\/a> provides an up-to-date view of your attack surface and provides an overall workspace vulnerability matrix and individual asset risk scores to find, prioritize and secure your entire attack surface. This is done by selecting the “All Domains” option from the “Multi-Target” drop down menu included with the Command Execution Add-on v2.0<\/a> and clicking the “Scan” button.<\/p>\n

\"sn1per-professional-v9.0-attack-surface-discovery2\"<\/a>

sn1per-professional-attack-surface-discovery<\/p><\/div>\n

Notifications and Change Auditing<\/h4>\n

Having a time-stamped log of key changes is vitally important when monitoring the attack surface. Sn1per Professional<\/a> makes this easy by letting you view the following notifications and changes directly from the UI without the need for external services such as e-mail, Slack or Discord:<\/p>\n