Attack Surface Management Explained: Why You Don’t Know What You Own – WC #1

Full Segment Notes
Key Moments
  • 0:00 - Introduction: The Attack Surface Problem
  • 03:00 - Why Attack Surface Exploded Post-Pandemic
  • 06:00 - Everything is an Attack Surface (Not Just Devices)
  • 09:00 - The Visibility Problem (You Can’t Secure What You Can’t See)
  • 12:00 - Unknown Assets: The Biggest Risk
  • 15:00 - How to Justify Budget for “Unknown” Risk
  • 18:00 - Asset Inventory is the Foundation
  • 21:00 - Prioritization: What Actually Matters
  • 24:00 - Crown Jewels vs Everything Else
  • 27:00 - Winning Buy-In Across Teams
  • 30:00 - Rogue Systems & Shadow IT
  • 33:00 - Detecting Unauthorized Assets
  • 36:00 - Identity as Attack Surface (Critical Insight)
  • 39:00 - Data-Centric Security Approach
  • 42:00 - Vulnerabilities vs Exposures (Key Shift)
  • 45:00 - How to Reduce 100K Vulns to What Matters
  • 48:00 - Third-Party & SaaS Risk Challenges
  • 51:00 - Where Attack Surface Management is Going
  • 54:00 - First Steps to Get Started
  • 57:00 - Final Takeaways

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

You can skip this ad in 5 seconds