Cobalt Attack Surface Monitoring is a continuous external attack surface management service that automatically discovers, catalogs, and monitors internet-facing assets across an organization's verified domains. The service performs daily scans across all domains to detect changes such as new hosts, port modifications, and certificate updates. Discovered assets are evaluated for critical exposures including weak cipher suites, credential disclosure, and missing security headers. Each asset in the inventory is mapped to the organization's security program, with metadata indicating when it was first seen and its last penetration testing coverage status. This allows security teams to prioritize testing and remediation based on real-world exposure and pentest coverage gaps. The service surfaces findings within the Cobalt platform, enabling teams to categorize targets by status and accelerate remediation workflows. It is positioned as an always-on discovery layer that complements Cobalt's penetration testing services, helping organizations identify shadow IT and maintain awareness of their dynamic web perimeter.