Download the SANS 2025 Attack Surface Management (ASM) Survey

Gain data-backed insights from 235 security leaders on how ASM is reshaping visibility, exposure management, and defense strategies for 2025.

The SANS 2025 Attack Surface Management Survey, sponsored by Netwrix, reveals how modern security teams are bridging the gap between asset visibility and operational defense. With 89% of respondents expecting risk quantification for every asset and over half demanding protection for both internal and external environments, this research highlights the next evolution of proactive exposure management.

Key Takeaways

• 55% of organizations expect ASM to protect both internal and external assets.
• 89% expect risk quantification for each asset.
• 67% want actionable mitigation guidance when vulnerabilities have public exploits.
• 47% are integrating ASM with penetration testing to fuel continuous validation.
• Only 28% of ASM tools effectively identify sensitive data across the full attack surface.

This research explores:

• How hybrid automation and human insight balance ASM effectiveness
• What capabilities matter most in next-generation ASM platforms
• How organizations can align ASM with continuous validation and purple-team operations

Produced by the SANS Institute. Sponsored by Netwrix.