Mandiant Attack Surface Management

Mandiant Attack Surface Management (ASM) is an external attack surface management solution that discovers and analyzes internet-facing assets across distributed and cloud environments. The platform performs automated asset discovery using minimal organizational information such as domains, networks, or SaaS accounts to identify external assets from an attacker's perspective. The solution provides continuous monitoring capabilities with configurable scan frequencies including daily, weekly, or on-demand options. It identifies technologies and services running in the external ecosystem and maintains an inventory of applications and services. The platform includes active asset checks that use benign payloads or scripts derived from Mandiant indicators of compromise (IOCs) and threat intelligence to validate asset susceptibility to exploitation. It offers outcome-based asset discovery workflows that can be customized based on specific use cases. Mandiant ASM integrates with cloud and DNS providers to provide infrastructure visibility. The platform includes role-based access controls (RBAC) to support multi-subsidiary environments where parent organizations can maintain centralized visibility while subsidiaries manage their own attack surface independently. The solution addresses use cases including shadow IT discovery, multicloud asset visibility, high-velocity exploit impact assessment, merger and acquisition due diligence, and subsidiary portfolio monitoring. It provides daily summaries of newly discovered assets and technologies to security teams.