Platform Update: Attack Surface Monitoring — Arté ASM

Managing information security risk requires visibility — both inside your organization and outside it. Risk assessments, controls, and governance frameworks address your internal posture. But external exposure is a different challenge: what does your organization look like from the outside? What can an attacker see, probe, or exploit before they ever reach your systems? That is the problem Arté ASM is built to solve. What Is Attack Surface Monitoring An attack surface monitoring tool, Arté ASM continuously and automatically discovers and assesses your organization's externally-facing digital footprint. Rather than a point-in-time penetration test or a manual audit, ASM runs on a schedule — finding new assets, detecting changes, and surfacing new vulnerabilities as they emerge. Every organization has an attack surface that is larger and more dynamic than most security teams realize. Subdomains are created and forgotten. SSL certificates expire. Cloud storage buckets are misconfigured. Credentials leak in data breaches. Code with secrets gets pushed to public repositories. ASM monitors all of this — continuously. The ASM Platform — Standalone Arté ASM is available as a fully independent platform security.artytechnologies.com. Organizations can subscribe directly, with no Arté risk management subscription required. Once onboarded, you configure your domains and select which scanner modules to activate. Scans run on a schedule and findings are surfaced in a dedicated dashboard where your team can triage, acknowledge, resolve, or flag them as false positives. 15 Scanner Modules The platform runs up to 15 integrated scanner modules across four categories. Infrastructure Discovery Subdomain Enumeration discovers all subdomains associated with your domain using multiple passive and active sources. The first scan establishes a baseline; every subsequent scan highlights new or missing assets — giving you an immediate view of shadow IT and forgotten infrastructure. Cloud and Takeover Detection identifies cloud services in use and flags potential subdomain takeover vulnerabilities — cases where DNS records point to unclaimed cloud resources that an attacker could register. Technology Fingerprinting identifies CMS platforms, web servers, JavaScript frameworks, and other technologies using 501 passive detection templates. Version numbers are extracted automatically for CVE correlation. WAF and CDN Detection identifies what protective infrastructure is in front of your assets — Cloudflare, AWS WAF, Akamai, Imperva, and others — so you always know which assets are protected and which are exposed directly. Vulnerability Detection SSL/TLS Monitoring tracks certificate expiration with advance warnings at 30 and 14 days, and detects self-signed certificates, hostname mismatches, and deprecated protocol versions (TLSv1.0 and TLSv1.1). HTTP Security Headers checks for the presence and correct configuration of Content-Security-Policy, X-Frame-Options, HSTS, X-Content-Type-Options, and Referrer-Policy across all discovered subdomains. Sensitive Path Probing tests for publicly accessible files and endpoints that should never be reachable — .env files, .git directories, Spring Boot actuator endpoints, Swagger UI, GraphQL endpoints, and more. Only confirmed accessible paths (HTTP 200) are flagged. CVE Correlation automatically matches detected technologies against the National Vulnerability Database, surfacing known exploitable vulnerabilities tied to the specific versions running in your environment. Cloud Storage Exposure tests for publicly accessible S3 buckets and similar cloud storage using naming patterns derived from your domain. Publicly readable buckets are rated Critical. Opt-In Modules Some modules require explicit agreement before activation due to the nature of the data they access. Port Scanning runs an Nmap scan of the top 1,000 ports on discovered subdomains with service version detection. It alerts on risky exposed services — SSH, RDP, database ports, admin panels — that should not be publicly accessible. Certificate Transparency mines public certificate logs to discover subdomains that may not appear in DNS enumeration and flags potential takeover risks. Email Security validates SPF records for permissive configurations and checks DMARC policy strength to identify email spoofing risks. GitHub Secret Scanning searches public GitHub repositories for references to your domain combined with sensitive terms — passwords, API keys, private keys, connection strings. It returns result counts and sample URLs for manual review. Credential Breach Detection checks whether your domain appears in known data breaches via HaveIBeenPwned. It surfaces breach names, dates, and affected account counts. Nuclei Vulnerability Scanning runs focused Nuclei template categories — misconfigurations, exposed panels, default credentials, and known CVEs — against your discovered assets. Findings and Triage Every finding includes a severity rating (Critical, High, Medium, Low, or Informational), specific fix instructions, and the affected asset. Findings move through a status workflow: New → Acknowledged → Resolved → False Positive. Crucially, each scan is compared against the previous one. The diff view shows what is new, what has been resolved, and what assets have appeared or disappeared from your attack surface — so your team is never reviewing the same findings twice. Integrated with Arté — The Risk Register Connection For organizations using both ASM and the Arté portal, findings surface natively within the portal's Attack Surface tab. Your team can triage findings without switching platforms. More importantly, any finding can be pushed directly into the Arté risk register with a single click. When a finding is pushed: The severity is automatically mapped to Arté likelihood and impact scores The risk is categorized as Attack Surface with the finding type as the source An assessment is created under the Attack Surface Monitoring framework if one does not already exist The finding is linked to the risk register entry for full traceability This closes the loop between external exposure and internal governance. An ASM finding is no longer just a security alert — it becomes a tracked, managed risk item with an owner, a remediation workflow, and an audit trail. Two Ways to Use ASM Standalone — Subscribe at security.artytechnologies.com. Full access to all scanner modules, scheduled scans, finding triage, and remediation tracking. No Arté subscription required. Integrated — Arté subscribers access ASM findings natively within the portal through the Attack Surface tab. Findings flow directly into the risk register, keeping your entire security posture — internal and external — in one place. Why This Matters Risk assessments tell you what could go wrong based on what you know about your organization. Attack surface monitoring tells you what is actually exposed right now, from the outside, based on what an attacker would find. They are complementary, not interchangeable. Used together, they give security teams and management a complete picture: assessed and governed risk on the inside, continuously monitored exposure on the outside. Arté ASM is available now. Visit security.artytechnologies.com to get started, or contact us at info@artytechnologies.com for more information about integrating ASM with your Arté subscription.