Kaspersky launched the new External Attack Surface module within its Digital Footprint Intelligence (DFI) service, available directly in the Threat Intelligence portal.
This enhancement introduces External Attack Surface Management (EASM) capabilities, giving security teams the visibility and control they need to stay ahead of cyber adversaries by continuously monitoring and securing their organization’s external perimeter.
The exploit of public-facing applications has been the main initial vector of attack for many years. According to Kaspersky Incident Response report, in 2024, they once again ranked first, accounting for 39% of incidents. Moreover, over 90% of the vulnerabilities exploited by attackers in 2024 were published more than a year ago, indicating that the attacked organizations had ineffective update policies.
As organizations expand their digital presence across cloud services, external applications and shadow IT, the need for continuous discovery and monitoring of internet-facing assets has become critical. The new module helps address this challenge by monitoring exposed infrastructure, uncovering weak points such as outdated software or open ports and assigning risk scores that guide security teams in prioritizing remediation according to business impact.
The External Attack Surface module is designed to answer the fundamental questions every security leader faces: What internet-facing assets do we have and which are vulnerable? By combining vulnerability detection with misconfiguration analysis and risk assessment, it provides organizations with a clear understanding of their exposure – and the actionable steps needed to reduce it.
This module does more than show the current state of a customer’s perimeter. It also processes and retains historical data, enabling teams to track changes, investigate incidents retrospectively and gain insight into the overall dynamics of their security posture. Data is aggregated from multiple specialized search engines, maximizing visibility across hosts and services. Each discovered issue comes with detailed descriptions and recommended mitigations, helping organizations move quickly from detection to resolution.
For customers, the value lies not only in visibility, but in actionability. Whether it’s patching a vulnerable service, moving assets behind VPNs, applying WAF rules or resetting compromised credentials, the Attack Surface module provides clear, prioritized recommendations to help organizations strengthen their defenses proactively – securing what hackers can see before they can exploit it.
“Security teams are under constant pressure to manage an ever-expanding digital perimeter. With the External Attack Surface module, we give them not only visibility of what attackers can see but also recommendations to reduce exposure and respond effectively. By enriching DFI with EASM functionality, we continue to expand the scope of our Threat Intelligence portfolio and deliver cross-product synergies that empower security teams with deeper insights, faster investigations, and more resilient cyber defense.” said Yuliya Novikova, Head of Digital Footprint Intelligence at Kaspersky.
