{"id":5220,"date":"2023-02-03T18:02:25","date_gmt":"2023-02-03T22:02:25","guid":{"rendered":"https:\/\/solutionsreview.com\/endpoint-security\/?p=5220"},"modified":"2023-02-03T18:05:02","modified_gmt":"2023-02-03T22:05:02","slug":"attack-surface-5-fixes-to-mitigate-your-organizations-risk","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/","title":{"rendered":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk"},"content":{"rendered":"<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5221\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\" alt=\"Attack Surface Management\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg 800w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk-300x150.jpg 300w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk-768x384.jpg 768w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk-540x270.jpg 540w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk-162x81.jpg 162w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify;\"><em><b>Solutions Review\u2019s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Nick Merritt of <a href=\"https:\/\/www.halosecurity.com\/\" target=\"_blank\" rel=\"noopener\">Halo Security<\/a> offers insights on attack surface management and reducing risk to your organization&#8217;s assets.<\/b><\/em><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-5184\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/01\/oie_6203555BLLdUgHz.png\" alt=\"expert insight badge\" width=\"105\" height=\"105\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/01\/oie_6203555BLLdUgHz.png 105w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/01\/oie_6203555BLLdUgHz-81x81.png 81w\" sizes=\"(max-width: 105px) 100vw, 105px\" \/>The evolving landscape of cybersecurity has left organizations vulnerable to attack&#8211; even the ones that exist to defend others. Security is a complex undertaking; every organization should consider improving its posture. Some don\u2019t start that self-reflection process until they\u2019ve suffered a breach. Others take a more proactive approach, like hiring an experienced security engineer like a chief information security officer (CISO) to offer a new perspective.<\/p>\n<p style=\"text-align: justify;\">But what should those organizations be looking for, exactly? How can they improve their security programs in a meaningful way? The answer is rarely the shiniest new toy that vendors push out; it\u2019s more important to go back to basics and understand how to mitigate risk.<\/p>\n<p style=\"text-align: justify;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"#\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-protection-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/01\/endpoint-security-speedbump-cta.jpg\" alt=\"Download Link to Endpoint Security Buyer's Guide\" width=\"800\" height=\"225\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<h2 style=\"text-align: justify;\"><strong>Attack Surface: 5 Strategies to Reducing Risk<\/strong><\/h2>\n<hr \/>\n<p style=\"text-align: justify;\">Let\u2019s look at five ways to plug gaps in your security program so you can reduce your risk.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Consider All Assets&#8211; Internal and External<\/strong><\/h3>\n<p style=\"text-align: justify;\">Most organizations scan for vulnerabilities, but they\u2019re not looking in all the right places. They focus on internal assets at the expense of external assets, which offers attackers an equal opportunity to breach your network. Even though organizations realize they\u2019re not comprehensively scanning external vulnerabilities as well as internal ones, they struggle to find a discovery engine that can complete the task. Just because an asset lives outside your internal infrastructure doesn\u2019t mean it can\u2019t access it. Existing vendors that offer vulnerability management typically aren\u2019t positioned to find those third-party assets or recognize what your attack surface truly looks like. According to a recent study by Trend Micro, 73 percent of organizations are worried about their growing attack surface, and 43 percent believe it is \u201cspiraling out of control.\u201d By investing in an attack surface management (ASM) platform, you can get a deeper insight into just how many internet-facing doors offer access to your infrastructure.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Forget the Notion of \u2018Out of Scope\u2019 Assets<\/strong><\/h3>\n<p style=\"text-align: justify;\">It\u2019s not enough to recognize that your attack surface may be larger than you think. Too many organizations don\u2019t understand why that\u2019s a problem. They mistakenly believe that some assets are \u201cout of scope,\u201d when in reality, there\u2019s no such thing. Take the rise of subdomain takeovers, for example. Many security practitioners would consider third-party platforms or development and staging environments associated with a subdomain to be non-critical, but attackers see it as an opportunity.<\/p>\n<p style=\"text-align: justify;\">An orphaned DNS record pointing at a subdomain may be a nuance that organizations turn a blind eye to because they don\u2019t understand how an attacker might leverage that open back door to move laterally throughout a network until they can get to the crown jewels. Penetration testers shake their heads at scenarios like that because they can foresee the risk and how it could quickly morph into a business dilemma that leadership isn\u2019t considering. Other examples of supposed \u201cout-of-scope assets\u201d are third-party marketing and support platforms, legacy environments, partner tools, and forgotten projects. They all pose a risk&#8211; 69 percent of organizations have suffered an attack that began with an unknown, unmanaged, or misconfigured asset, according to ESG Research.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Redefine Success in Remediation<\/strong><\/h3>\n<p style=\"text-align: justify;\">Sure, finding and remediating 20 vulnerabilities sounds like a productive day. But it isn\u2019t about the quantity of what you find. Even if the number is zero, it could mean you\u2019re not looking in the right places. What does success look like in vulnerability management?<\/p>\n<p style=\"text-align: justify;\">It\u2019s about remediating the vulnerabilities that pose the most significant risk. Suppose a piece of hardware on your network has a severe vulnerability. In that case, it might pose less of a risk than a moderate vulnerability that\u2019s internet facing, because few people can actually access it. Considering risk in remediating vulnerabilities is the best strategy, and it\u2019s quickly gaining steam. Gartner forecasts that integrated risk management will show double-digit growth through 2024. This practice is tied so closely to security because it highlights the mistakes many organizations make and don\u2019t realize the consequences of.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Implement Continuous Monitoring<\/strong><\/h3>\n<p style=\"text-align: justify;\">Business isn\u2019t exactly booming in the tech industry amid layoffs and budget restrictions. As CIOs spend less on security, it can be tempting to cut services like pentesting. If you\u2019re doing manual assessments, those costly exercises only serve as point-in-time analyses and don\u2019t account for future risks. By leveraging automation, you can get better results without the high costs. Continuous monitoring provides greater transparency into the risks happening at any given time than the periodic analysis many boardrooms require (but don\u2019t accurately depict).<\/p>\n<h3 style=\"text-align: justify;\"><strong>Right-Size Your Assets So Oversight Isn\u2019t So Hard<\/strong><\/h3>\n<p style=\"text-align: justify;\">As an organization grows, so too does its amount of assets. Projects come and go and are often left forgotten on a network. Large enterprises that don\u2019t address the backlog of projects are shocked when a risk assessment shows just how many internet-facing assets are active.<\/p>\n<p style=\"text-align: justify;\">Traditional attack surface management suggests the winning strategy is to take as many assets off the internet as possible, but that\u2019s not feasible either. By doing a periodic review of all assets, and creating a structure where someone has to be accountable for assets, you can get a better handle on what should still be connected and what can come off the network to reduce risk. With each new breach that creates a headline, more organizations hold their breath and wonder, \u201cAm I next?\u201d By taking a proactive approach and assessing your security program in a way that mitigates risk, you can best protect your organization in a landscape that\u2019s constantly in flux.<\/p>\n<p style=\"text-align: justify;\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"#\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-protection-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/01\/endpoint-security-speedbump-cta.jpg\" alt=\"Download Link to Endpoint Security Buyer's Guide\" width=\"800\" height=\"225\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Solutions Review\u2019s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization&#8217;s assets. The evolving landscape of cybersecurity has left organizations vulnerable to attack&#8211; even the ones that exist to defend [&hellip;]<\/p>\n","protected":false},"author":500,"featured_media":5221,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2,335],"tags":[1888,1889,1722,1314,1891,1892,1443,1610,1890,1693,1230],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk<\/title>\n<meta name=\"description\" content=\"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization&#039;s assets.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk\" \/>\n<meta property=\"og:description\" content=\"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization&#039;s assets.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/solutionsreview\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-03T22:02:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-03T22:05:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nick Merritt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:site\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nick Merritt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\"},\"author\":{\"name\":\"Nick Merritt\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/450039ddcdf8d348531e1ff53afb496a\"},\"headline\":\"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk\",\"datePublished\":\"2023-02-03T22:02:25+00:00\",\"dateModified\":\"2023-02-03T22:05:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\"},\"wordCount\":977,\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\",\"keywords\":[\"attack surface\",\"attack surface management\",\"cyber-attack\",\"Data Breach\",\"Halo Security\",\"Nick Merritt\",\"Penetration Testing\",\"Pentesting\",\"risk assessment\",\"risk management\",\"Threat Intelligence\"],\"articleSection\":[\"Best Practices\",\"Featured\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\",\"name\":\"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\",\"datePublished\":\"2023-02-03T22:02:25+00:00\",\"dateModified\":\"2023-02-03T22:05:02+00:00\",\"description\":\"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization's assets.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg\",\"width\":800,\"height\":400,\"caption\":\"Attack Surface Management\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/endpoint-security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"name\":\"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors\",\"description\":\"All the Latest News, Best Practices and Buyer&#039;s Guides for Endpoint Security and Protection\",\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\",\"name\":\"Solutions Review\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"width\":200,\"height\":200,\"caption\":\"Solutions Review\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/solutionsreview\",\"https:\/\/x.com\/InfoSec_Review\",\"https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review\",\"https:\/\/www.youtube.com\/user\/SolutionsReview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/450039ddcdf8d348531e1ff53afb496a\",\"name\":\"Nick Merritt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f42736b429ab23b7ba9d6d559b6166f1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f42736b429ab23b7ba9d6d559b6166f1?s=96&d=mm&r=g\",\"caption\":\"Nick Merritt\"},\"description\":\"Nick Merritt is the VP of Security Products and Services at Halo Security. He brings more than 15 years of experience in application and network security testing to the company. He has been publicly credited for his contributions to responsible disclosure of zero-day vulnerabilities in mainstream software \u2013 including Microsoft. Prior to joining Halo Security, Merritt was an integral member at OneLogin and White Hat Security and served as Security Manager at McAfee.\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/author\/nmerritt\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk","description":"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization's assets.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/","og_locale":"en_US","og_type":"article","og_title":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk","og_description":"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization's assets.","og_url":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/","og_site_name":"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors","article_publisher":"https:\/\/www.facebook.com\/solutionsreview","article_published_time":"2023-02-03T22:02:25+00:00","article_modified_time":"2023-02-03T22:05:02+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg","type":"image\/jpeg"}],"author":"Nick Merritt","twitter_card":"summary_large_image","twitter_creator":"@InfoSec_Review","twitter_site":"@InfoSec_Review","twitter_misc":{"Written by":"Nick Merritt","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#article","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/"},"author":{"name":"Nick Merritt","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/450039ddcdf8d348531e1ff53afb496a"},"headline":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk","datePublished":"2023-02-03T22:02:25+00:00","dateModified":"2023-02-03T22:05:02+00:00","mainEntityOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/"},"wordCount":977,"publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg","keywords":["attack surface","attack surface management","cyber-attack","Data Breach","Halo Security","Nick Merritt","Penetration Testing","Pentesting","risk assessment","risk management","Threat Intelligence"],"articleSection":["Best Practices","Featured"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/","name":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg","datePublished":"2023-02-03T22:02:25+00:00","dateModified":"2023-02-03T22:05:02+00:00","description":"Nick Merritt of Halo Security offers insights on attack surface management and reducing risk to your organization's assets.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#primaryimage","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2023\/02\/5-Fixes-to-mitigate-your-risk.jpg","width":800,"height":400,"caption":"Attack Surface Management"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/endpoint-security\/attack-surface-5-fixes-to-mitigate-your-organizations-risk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/endpoint-security\/"},{"@type":"ListItem","position":2,"name":"Attack Surface: 5 Fixes to Mitigate Your Organization\u2019s Risk"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website","url":"https:\/\/solutionsreview.com\/endpoint-security\/","name":"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors","description":"All the Latest News, Best Practices and Buyer&#039;s Guides for Endpoint Security and Protection","publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization","name":"Solutions Review","url":"https:\/\/solutionsreview.com\/endpoint-security\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","width":200,"height":200,"caption":"Solutions Review"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/solutionsreview","https:\/\/x.com\/InfoSec_Review","https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review","https:\/\/www.youtube.com\/user\/SolutionsReview"]},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/450039ddcdf8d348531e1ff53afb496a","name":"Nick Merritt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f42736b429ab23b7ba9d6d559b6166f1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f42736b429ab23b7ba9d6d559b6166f1?s=96&d=mm&r=g","caption":"Nick Merritt"},"description":"Nick Merritt is the VP of Security Products and Services at Halo Security. He brings more than 15 years of experience in application and network security testing to the company. He has been publicly credited for his contributions to responsible disclosure of zero-day vulnerabilities in mainstream software \u2013 including Microsoft. Prior to joining Halo Security, Merritt was an integral member at OneLogin and White Hat Security and served as Security Manager at McAfee.","url":"https:\/\/solutionsreview.com\/endpoint-security\/author\/nmerritt\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5220"}],"collection":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/users\/500"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/comments?post=5220"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/5220\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media\/5221"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media?parent=5220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/categories?post=5220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/tags?post=5220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}