top of page


Attack Surface Management 

withASM, standardized quantitative risk management and response strategies are established, ranging from vulnerability management for all assets within the system to threat management, based on the CVE, CWE, and CAPEC systems.

​The Importance of Attack Surface Management

A Result of the Rapidly Changing Digital Environment
​Extended Attack surface

In the era of digital transformation, as the IT environment rapidly changes, the attack surface of enterprises has greatly expanded.

As a result, security vulnerabilities inside and outside the enterprises increased rapidly. As a single vulnerability can lead to an enterprise-wide security breach, businesses are at unprecedented risk.

공격표면 증가.png

ASMAttack Surface Management; Attack surface management

A new solution that helps organizations identify risks coming from digital assets and the shadow IT.

With more than one-third of recent successful attacks against enterprises originating from externally connected assets, ASM will be a must for CIOs and CISOs.



Integrated Management of Asset-based Threat Detection

Provide connector and API management functions for integrating source data from each security field

Real-time integration of threat information for situation context configuration


Risk Management Strategy and Response

​Develope response strategies based on quantitative risk indicators through the ETIR model as a unified process

Calculate risk levels according to decisions made by information security/asset managers


Automated Risk Analysis and Assessment

Provide standardized guidelines for asset management, vulnerability management, and threat management 

Utilize security vulnerability/threat/risk classification systems by type (CWE, CVE, CAPEC)


Context-based Impact Analysis

Automated playbook for Event → Ticket → Incident → Risk Scoring

Integration of unified security monitoring systems and risk management systems into one process for management


Systematic management and quantification of vulnerability analysis evaluation status enable stable system operation by establishing an integrated management system for vulnerabilities

Main Function

​Asset Management

Asset classification management

Asset information management by classification

Security standard management by asset

​Vulnerability Inspection/ Action Management

Apply inspection by asset/group

​Management through workflow

Manage personnel assignment

​Integrated vulnerability management

​Residual Vulnerability Management

Integrated vulnerability status management

Integrated risk assessment management

Vulnerability Scanner Integration

Automatic/manual report registration

Integration of various solutions

Security Governance System Integration

Various integration formats

Support multi-system integration

​Introduction Effect

bottom of page