Attack Surface Management Solutions Forum 2023

  • Wednesday, 08 Mar 2023 11:00AM EST (08 Mar 2023 16:00 UTC)
  • Speaker: Pierre Lidome

Designed for security leaders tasked with managing a growing attack surface, the SANS Attack Surface Management Solutions Forum will take place on March 8, 2023 as a virtual event. This half-day event will bring together thought leaders, subject matter experts and practitioners to discuss, share and discover best practices for addressing the operational challenges associated with organizations’ ever-growing attack surfaces. Contributing factors would be: cloud migrations, M&A, shadow IT and the rise of ransomware attacks.

Attendees will gain valuable lessons on how to operationalize attack surface management in order to improve their threat intelligence, vulnerability management and offensive security programs.

Topics covered will include:

• A Deep Dive into Attack Surface Management

• The Current State of Regulations in Cybersecurity

• How to Evaluate ASM Tools

• What Attack Surface Management looks like in the wild

• Key trends in Hacker behaviors

• Advice from SANS Experts on attack surface management


As an added bonus, one lucky registrant will be chosen as the recipient of a SANS Course valued at $8200!! All event registrants will be entered in a drawing for a complementary SANS Course of your choice, courtesy of Randori (travel & hotel expenses not included). The winner will be chosen by Randori and will be contacted directly once the event concludes. Save your seat today!

Join in on the action! Connect with fellow attendees and our event chairs in the SANS Solutions Forum Interactive Slack Workspace. Sign in once and you'll be all set for the rest our of 2023 Solutions Forums. We'll see you there!




Agenda | March 08, 2023 | 11:00 AM - 3:00 PM EST

Timeline (EST)

Session Details

11:00 AM

Welcome & Opening Remarks

Pierre Lidome, SANS Senior Instructor

11:20 AM

Attack Surface Management Demystified

Digital transformation is quickly expanding the attack surface as organizations make internal systems externally accessible via the cloud and remote work. This creates attackable assets on organizations’ unmanaged or unknown networks, offering an easy target for attackers and increasing the risk of unintended data exposures.

Join Sam Hector, IBM Security Specialist, to learn and understand what Attack Surface Management (ASM) is and how it can help your organization.

Sam Hector, Senior Strategy Leader, IBM Security

11:55 AM

Upleveling Threat Intelligence with Attack Surface Management

Attack Surface Management as a new technology will require organizations to develop new workflows. It is imperative that these workflows fit to your organizational needs as to drive action as opposed to creating disruption.

Join this session and learn how other organizations are operationalizing Attack Surface Management today.

Evan Anderson, Principle Technologist, Randori, an IBM Company

Lawrence Wells, Director, Threat Intelligence, Optum

12:30 PM


12:50 PM

Analyst Insights: GigaOm Radar for Attack Surface Management

Join this fireside chat with Howard Holton, CTO of GigaOm, and Chris Ray, Research Analyst for GigaOm, moderated by Sanara Marsh, Head of Randori Product Marketing, to discuss the GigaOm Radar Report for Attack Surface Management, where Randori was recently named a Leader. This report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria, and provides a forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. To see the full report, visit GigaOm Randori Landing Page.

Randori is a Unified Offensive Security Solution designed to bring clarity to your cyber risk through the convergence of Attack Surface Management and Continuous Red Teaming. For more information or to schedule your personal attack surface review visit:

Sanara Marsh, Head of Product, Randori, an IBM Company

Howard Holton, CTO , GigaOm

Chris Ray, Research Analyst, GigaOm

1:35 PM

Isabella Rocha, Technical Product Marketing Manager, Randori, an IBM Company

1:45 PM

Achieving Parity with Attackers

Join the 3rd annual Attack Surface Management forum for this special session with Aaron Portnoy, the original architect of the Pwn2Own contest, co-founder of Exodus Intelligence and former manager of the Zero Day Initiative.

Aaron Portnoy, Director of R&D, Randori, an IBM Company

2:20 PM

Managing Your Exposure in the Age of Digital Transformation

The Integration of Threat Intelligence, Attack Surface and Vulnerability Management into Threat Management Programs Threat management programs aiming to establish visibility, detection, investigation and response are becoming more complex as infrastructure and workforces expand and adapt. This not only makes threat management more challenging, but can also dramatically increase our exposure to attack. So how can we do a better job of proactively understanding and reducing the risks and exposures associated with this disparate environment, while simultaneously significantly reducing the stress on our threat management systems and teams?

Join us to hear what we have learned from thousands of engagements in this developing field, which we are referring to as Exposure Management. This approach has the goal of helping organizations reduce risk and inefficiencies and get the most out of the tools, processes and people that they have. All while enabling the business to evolve and thrive.

David 'Moose' Wolpoff, Co-Founder/CTO, Randori, an IBM Company

2:55 PM


Pierre Lidome, SANS Senior Instructor