Subscribe to the Non-Human & AI Identity Journal
Home FAQ Cyber Security What do security teams get wrong about attack…
Cyber Security

What do security teams get wrong about attack surface management?

← Back to all FAQ
By NHI Mgmt Group Editorial Team Updated July 11, 2026 Domain: Cyber Security

Teams often treat ASM as a scanning activity when it is really an operating model for continuous exposure control. Discovery without ownership, prioritisation, and remediation simply creates a bigger findings queue. The practical test is whether each exposed asset can be traced to an accountable team and a measurable fix.

Why This Matters for Security Teams

attack surface management is often misunderstood as a one-time inventory or a scheduled scanning job. That framing misses the operational purpose: continuous exposure control across internet-facing assets, identities, cloud services, and the dependencies that make them reachable. The risk is not just seeing more issues, but creating more unowned issues if discovery is not tied to accountability, prioritisation, and remediation. The NIST Cybersecurity Framework 2.0 is useful here because it emphasises governance and continuous risk management, not just technical detection.

Security teams also get tripped up by treating ASM as separate from threat intelligence and incident response. In practice, exposed services only matter when they are mapped to likely abuse paths, business criticality, and exploitability. That means an external database, a forgotten admin portal, and a leaked secret in a repository are not equivalent findings, even if they all appear in the same dashboard. Current guidance suggests ASM should be measured by reduced exposure and faster fix cycles, not by the number of assets discovered.

In practice, many security teams encounter the real failure only after an exposed asset has already been abused, rather than through intentional exposure governance.

How It Works in Practice

Effective ASM combines discovery, context, and action. Discovery identifies domains, IP ranges, cloud endpoints, SaaS instances, certificates, and shadow IT. Context answers who owns it, what data or privilege it exposes, whether it is internet-reachable, and whether it supports critical business workflows. Action then routes the finding into a remediation path with a target date, an owner, and a control objective.

That is why mature programs usually connect ASM outputs to vulnerability management, cloud security, IAM, and service ownership records. A newly exposed API matters differently if it is public by design, protected by strong auth, or backed by sensitive records. Similarly, a forgotten asset with valid credentials is more dangerous than an unpatched but unreachable host. Security teams should also use attack-pattern context. Mapping findings to the MITRE ATT&CK Enterprise Matrix helps teams prioritise what is actually exploitable, not just what is visible.

  • Maintain a canonical asset and service inventory that includes cloud, SaaS, and externally exposed identities.
  • Assign ownership at the asset or service level so findings never sit in an anonymous queue.
  • Score exposure by reachability, privilege, data sensitivity, and active threat use.
  • Link findings to remediation workflows, not just ticket creation.
  • Validate closure with rescan, control testing, or configuration evidence.

ASM also needs threat-informed triage. If a service is exposed in the same way exploited infrastructure appears in current advisories, it should move up the queue. Public reporting on AI-enabled intrusion tactics, such as the Anthropic — first AI-orchestrated cyber espionage campaign report, reinforces that exposure management now includes fast-moving, automated abuse, not just manual attacker workflows. These controls tend to break down when cloud assets are created outside standard provisioning paths because ownership and remediation routing are missing from the start.

Common Variations and Edge Cases

Tighter exposure control often increases operational overhead, requiring organisations to balance visibility against noise and workflow friction. That tradeoff is real, especially in fast-moving cloud environments where ephemeral services, temporary test endpoints, and containerised workloads appear and disappear before traditional review cycles can keep up. Best practice is evolving here, and there is no universal standard for how often discovery alone is enough without strong change integration.

One common edge case is internet-facing assets that are intentionally public but only conditionally safe. A marketing site, partner portal, or API gateway may be expected to be reachable, yet still become a problem if TLS is misconfigured, auth is weak, or secrets are exposed in associated services. Another is AI infrastructure. If ASM does not include model endpoints, agent tools, prompt gateways, or exposed inference services, it can miss a major part of the attack surface. The MITRE ATLAS adversarial AI threat matrix is relevant where AI systems themselves are reachable and attacker-controlled inputs can influence outcomes.

For regulated environments, the question is not whether every finding is eliminated, but whether exposure reduction is documented and repeatable. Teams should use the CISA cyber threat advisories to adjust prioritisation when active exploitation changes, and align control evidence with the NIST SP 800-53 Rev 5 Security and Privacy Controls where governance requires demonstrable monitoring and response. The hard part is not seeing more assets, but knowing which exposures are business-relevant and which can be accepted, retired, or automatically fixed.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

MITRE ATT&CK and MITRE ATLAS address the attack and risk surface, while NIST CSF 2.0, NIST AI RMF and NIST SP 800-53 Rev 5 set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
NIST CSF 2.0GV.RM-01ASM needs governance, ownership, and continuous risk decisions, not just discovery.
MITRE ATT&CKT1190Exposed services are often abused through public-facing application weaknesses.
NIST AI RMFAI-enabled exposure and autonomous tooling need risk governance across the AI lifecycle.
MITRE ATLASAI systems can be targeted through adversarial inputs and exposed interfaces.
NIST SP 800-53 Rev 5RA-5Vulnerability scanning must be paired with remediation and tracking to reduce exposure.

Treat AI endpoints and agents as managed exposures with defined risk, monitoring, and escalation.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on July 11, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org