As with so many areas of business, cybersecurity efforts were dramatically affected by the pandemic. Escalating attacks and new attack methods meant the defensive tools that were adequate in early 2020 no longer were fully up to the tasks required of them. Consequently, teams evaluating attack surface management (ASM) platforms from different vendors have had to expand their checklists of essential features and capabilities to include the challenges of Shadow IT and distributed autonomy of a workforce even further from IT control, physically and metaphorically.

This guide discusses the areas that should be of concern to all security officers responsible for selecting an ASM. Each topic addressed is accompanied by a list of questions you need to ask when buying an ASM to protect your organization. We also will suggest ways in which those budget considerations can be realistically brought into the vendor-review process.