Contact Us

On January 31, NetSPI Managing Director Chad Peterson was featured in the SecurityWeek article called Cyber Insights 2023 | Attack Surface Management. Read the preview below or view it online.

+++

SecurityWeek Cyber Insights 2023 | Attack Surface Management – Attack surface management (ASM) is an approach for delivering cybersecurity. IBM describes the attack surface as “the sum of vulnerabilities, pathways or methods – sometimes called attack vectors – that hackers can use to gain unauthorized access to the network or sensitive data, or to carry out a cyberattack.”

ASM requires “the continuous discovery, analysis, remediation and monitoring of the cybersecurity vulnerabilities and potential attack vectors that make up an organization’s attack surface. Unlike other cybersecurity disciplines, ASM is conducted entirely from a hacker’s perspective, rather than the perspective of the defender. It identifies targets and assesses risks based on the opportunities they present to a malicious attacker.”

ASM is consequently predicated on total visibility of assets, vulnerabilities, and exploits.

Management is the key word in ASM

The complexity of the modern infrastructure makes the complete elimination of threats an impossible task. ASM is not about the elimination of all threats, but the reduction of threat to an acceptable level. It’s a question of risk management.

Chad Peterson, MD at NetSPI, believes the nature and effectiveness of pentesting will evolve over 2023, “The attack surface has become more fluid, so you have to be able to scan for new assets and entry points continuously,” he says. “In 2023, organizations will combine traditional pentesting, which in many cases will still be required for regulatory needs, with the proactive approach of more continuous assessment of their attack surface. The result will be better awareness of the attack surface and more comprehensive traditional pentesting as there is more information about the true attack surface.”

Read the full article at SecurityWeek!

Explore More News

NetSPI in the News | April 6, 2026

When AI Starts Taking Action, Security Needs to Think Differently

CIO Influence interviewed NetSPI's Field CISO, Nabil Hannan, for an April 6, 2026 article about how AI systems are evolving from generating outputs to taking autonomous actions, amplifying existing vulnerabilities and requiring organizations to adopt proactive security measures and robust governance to mitigate risks.

Learn More
NetSPI in the News | April 1, 2026

Minneapolis Cybersecurity Firm NetSPI Eyes $80M-Plus Acquisitions to Fuel AI Push

Minneapolis/St. Paul Business Jounral interviewed NetSPI's President and CEO, Aaron Shilts, for an April 1, 2026 article about NetSPI pursuing acquisitions to expand its AI capabilities, enhance customer offerings, and maintain sustainable growth among evolving industry demands.

Learn More
NetSPI in the News | March 31, 2026

March 31 is World Backup Day. Here’s How to Protect Your Data Now

Forbes interviewed NetSPI's Field CISO, Nabil Hannan, for a March 31, 2026 article about World Backup Day and the importance of protecting data.

Learn More
Proactive Security News You Actually Want to Read. Sign Up for the NetSPI Newsletter Today.
NetSPI

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so you can protect what matters most to you.

© 2026 NetSPI LLC.

Privacy Policy

Modern Slavery Statement Trust Center