Question

Regarding Attack Surface Management

  • 16 October 2023
  • 1 reply
  • 59 views

Badge

I had already posted a question with this content, but it seems that the post was deleted for unknown reasons, so I'm reposting it.

 

Our client has asked the following questions related to Attack Surface Management. They are currently conducting a comparative analysis with products from other vendors for ASM implementation. We hope to see Cymulate ASM adopted if possible, so we would like to provide as detailed answers as possible to the client's questions. Therefore, we kindly request prompt responses to the questions below.

 

[Asset Discovery]

  1. Is there a place to confirm future development roadmaps, such as the addition of new features?
  2. Can new asset information be immediately detected when it is added or updated? (Is there an automatic detection feature?)
  3. Can it detect IT assets that the organization is not monitoring? If so, does it have a feature to notify users when detected? How is this notification done?
  4. Can the organization add IT assets it is monitoring to the management scope?
  5. Can it detect assets that are publicly exposed due to misconfigurations, contrary to the organization's intentions?
  6. Does it have administrator alert notification through integration with Slack or other APIs?

[Risk Management]

  1. Can vulnerabilities be detected in real-time for managed assets?
  2. Can scan frequencies be changed? Can users initiate scans at their discretion?
  3. Please explain the risk assessment method.
  4. Please provide information on vulnerability assessment criteria (such as the vulnerability database information you have).
  5. Please explain the vulnerability detection method (Active Scan or Passive Scan).
  6. Is it possible to integrate with vulnerability scanners using APIs?
  7. How much time is required to detect a new vulnerability after it has been publicly disclosed?
  8. Can users check the existence of vulnerabilities they want to detect?
  9. Can users selectively scan only the vulnerabilities they want to detect?
  10. Does it have a feature to differentiate and notify administrators based on the risk level (importance)? Can this be configured at the user level?

[Incident Response]

  1. Are there any bug or error information publicly available for Cymulate ASM?
  2. Is notification possible for detection/analysis process failures?
  3. Is it possible to obtain error logs for investigation in the event of an incident?
  4. Is there a dedicated support channel for MSSP?
  5. Can rapid response be obtained in the event of a significant impact due to incidents?

[Other]

  1. Can logs be exported for each subsidiary, business partner, or other designated unit?
  2. Can logs be exported in their entirety to a log management platform (storage) using APIs?
  3. Is multi-tenancy supported?

 

Best Regards.


1 reply

Userlevel 2
Badge +2

Hello @hrseo,
Soon Bock will take it with you directly, answering the questions raised.

Thank you very much,

Nir Stolarsky

Reply