A primary objective for IT security teams is to reduce the risk associated with the organization's network attack surface at all times. One might think it easy to just reduce the attack surface to reduce overall risk, and this can be done by closing off potential points of entry for attackers: for example, closing unused ports in a firewall, hardening an OS, eliminating vulnerabilities in an application during development, and so on. However, these steps can only go so far, as business realities tend to collide with business objectives.
Over time, more businesses have taken advantage of agile cloud services and multiple cloud vendor solutions. Although moving data, applications, and infrastructure to the cloud has provided more agility, scalability, and flexibility, the changes have also dramatically expanded network edges and the attack surface.
The proliferation of Internet-of-Things (IoT) devices combined with a lack of visibility into those devices also means organizations can have serious blind spots regarding cyber risk. This expanding attack surface is even further complicated for manufacturing companies that can no longer rely on an "air gap" between their operational technology (OT) and IT networks. The increasing connections between these systems make OT networks more vulnerable to attack than IT networks.
Today, most security and IT teams are dealing with an attack surface that is exponentially larger than it used to be. To avoid security incidents, IT teams need consolidated visibility and automation to monitor and assess the current state of their security.
When you think of visibility into the network, assets like laptops, printers, and servers may come to mind. But today's networks often include hundreds or thousands of networking devices, security products, IoT devices, and connected OT systems. Unfortunately, many organizations lack full visibility into their entire asset landscape. There may be significant "black holes" that they can't see. In some cases, organizations may be able to see their IT assets but not IoT or OT devices.
The old saying that you can't secure what you can't see comes into play here. With an ever-evolving network perimeter, it becomes much more difficult to view assets in a unified fashion and assess those assets in terms of potential vulnerabilities and configuration issues. It's also challenging to evaluate the state of existing controls in terms of protecting the organization overall.
For most organizations, identifying and assessing assets involves substantial manual effort or homegrown approaches. Some organizations develop in-house IT tools or manual processes to catalog and track their assets, but this approach often provides more of an asset life-cycle view than a security and risk view of the situation. Organizations that use a configuration management database (CMDB) to keep track of IT assets, configurations, and infrastructure information may be able to automate the process somewhat but still don't have a security-oriented view of their assets.
Another issue organizations face is that it's impossible to fix everything at once. Risk scoring helps security and IT teams prioritize projects by providing the organization with an objective, comprehensive ranking of risks. Some solutions also provide the ability to drill down to the asset level to improve scores.
Cyber asset attack surface management (CAASM) technology has emerged to help teams improve visibility into their internal and external assets to assess risk and provide mitigation guidance. The FortiGuard Attack Surface Security Service, which is a part of Fortinet's FortiGuard AI-Powered Security Services portfolio, offers lightweight CAASM capabilities to help teams gain insights into asset types across their complex environments, better monitor systems and identify potential vulnerabilities or risks, and provide remediation and mitigation guidance and advice.
The Attack Surface Security Service is integrated into FortiGate appliances and provides comprehensive security and risk scoring across three areas:
The service performs several critical checks, offering an executive-level view of and reporting on the organization's security posture. Security analysts and IT administrators can use the service to drill down to the individual asset level and make changes to improve security. It also assesses the company's adherence to Fortinet security best practices, CIS Controls and PCI DSS, and simplifies asset identification and risk scoring of IT, IoT, and OT devices.
Additional features include:
The FortiGuard Attack Surface Security Service is a security subscription that can be added a la carte to existing FortiGates and related deployments or as part of the FortiGuard Enterprise Protection Bundle.
Learn more about how FortiGuard AI-Powered Security Services integrates with security solutions across the Fortinet portfolio of products to protect applications, content, web traffic, devices, and users located anywhere.