Enhancing Cyber Defense: Kaspersky’s New External Attack Surface Module

Introduction

In an era where digital transformation reigns supreme, organizations find themselves grappling with the increasing complexities of cyber threats. As cybercriminals evolve their tactics, so too must the tools used to combat them. Kaspersky, a leader in cybersecurity solutions, recently unveiled its External Attack Surface module within the Digital Footprint Intelligence (DFI) service, a significant advancement designed to strengthen organizational defenses against cyber adversaries.

Understanding the Landscape of Cyber Threats

Public-facing applications have long served as a primary entry point for cyber attacks. The statistics tell a stark story: according to Kaspersky’s Incident Response report, these applications accounted for 39% of reported incidents last year. Alarmingly, over 90% of vulnerabilities exploited by attackers in 2024 were published more than a year ago, highlighting a troubling trend of ineffective update policies among organizations.

As businesses increasingly extend their reach into the digital landscape—embracing cloud services, external applications, and shadow IT—the urgency for continuous monitoring and securing of internet-facing assets has never been greater.

The Role of the New Module: A Game Changer for Security Teams

The External Attack Surface module emerges as a vital solution in meeting this demand. By offering External Attack Surface Management (EASM) capabilities, it empowers security teams with heightened visibility and control over their organization’s external perimeter. The module effectively addresses crucial queries every security leader faces: What assets are exposed on the internet, and which of these are vulnerable?

Through its robust features, the module combines comprehensive vulnerability detection with misconfiguration analysis and risk assessment. This means that organizations can gain a precise understanding of their exposure, along with actionable steps to mitigate risks.

Continuous Monitoring Made Possible

One of the standout features of the External Attack Surface module is its ability to process and retain historical data. This functionality enables security teams to track changes over time, conduct retrospective incident investigations, and develop insights into the overall dynamics of their security posture. Data from specialized search engines is aggregated seamlessly, thus maximizing visibility across various hosts and services.

Each identified issue is accompanied by detailed descriptions and recommended mitigations, allowing organizations to shift rapidly from detection to resolution—a critical factor when time is of the essence in cyber defense.

From Visibility to Actionability

The true value of the External Attack Surface module lies not simply in the visibility it affords but in the actionable insights it generates. Security teams can obtain prioritized recommendations for strengthening defenses, whether it involves patching vulnerable services, securing assets behind VPNs, applying Web Application Firewall (WAF) rules, or resetting compromised credentials.

This proactive approach allows organizations to secure what is visible to hackers before any exploitation can occur, which is crucial in today’s cyber landscape where vulnerabilities can be a goldmine for attackers.

Industry Insights: Expert Perspective

As Yuliya Novikova, Head of Digital Footprint Intelligence at Kaspersky, articulates, “Security teams are under constant pressure to manage an ever-expanding digital perimeter. With the External Attack Surface module, we give them not only visibility of what attackers can see but also recommendations to reduce exposure and respond effectively.” She further emphasizes that enriching DFI with EASM functionality enhances their Threat Intelligence portfolio, fostering deeper insights and faster investigations that lead to a more resilient defense against cyber threats.

Conclusion: A Step Forward in Cybersecurity

Kaspersky’s launch of the External Attack Surface module marks a significant leap forward in the ongoing battle against cyber threats. By equipping organizations with the tools necessary to not only identify vulnerabilities but also take decisive action, Kaspersky reaffirms its commitment to delivering innovative solutions that empower security teams. As digital landscapes continue to grow and evolve, the importance of robust cybersecurity measures has never been clearer, positioning this new module as an essential component in the toolkit of modern organizations.