External Attack Surface Management (EASM)

Qualys CyberSecurity Asset Management (CSAM) provides comprehensive visibility in the form of External Attack Surface Management (EASM). It gives an outside-in view of your external-facing IT infrastructure to continuously monitor your organization's external attack surface and internet-connected assets, track changes, and receive notifications when new assets, unknown assets, or critical issues are found.

External Attack Surface Management (EASM) allows you to continuously identify and assess the security and compliance gaps in your organization’s network.

External Attack Surface Visibility

EASM gives you comprehensive visibility to monitor the external-facing organization’s infrastructure network to discover the vulnerable systems, target attacks, and campaigns.  

With this capability, you can:

- Discover all your domains, subdomains, subsidiaries, and the assets associated with them.

- Discover unsolicited ports, certificates, and applications running on exposed assets.

- Identify potential vulnerabilities and weaknesses in exposed assets.

To discover and monitor your externally exposed assets, you must activate EASM and then configure it. 

Important to Know!

We have provided support to generate an automated, on-demand external attack surface (EASM) summary report. Contact your Technical Account Manager (TAM) for the EASM summary report.

From the external attack surface summary report, you get an insight into the risk of internet-facing assets, cloud instances with risk, top risky domains, subdomains, open ports, and so on. For more information, see Generating Automated EASM Summary Report.


If you want to go ahead with EASM activation and start using it, complete the following steps:

1. Activating External Attack Surface Management

2. Configuring External Attack Surface Management

Note: When you configure EASM, it is essential to know the filter criteria that enable you to discover externally exposed hosts. For more information, see Filter Criteria in EASM Configuration


You can get complete visibility of your external attack surface with the following EASM capabilities: 

- Viewing Inventory of External Attack Surface Discovered Assets from the EASM Tab

- Viewing Inventory of External Attack Surface Discovered Assets from the Inventory Tab

Excluding IP Addresses from the EASM Discovery

VMDR Activation for Externally Exposed Unmanaged Assets

TruRisk Score for Externally Exposed Unmanaged Assets

- Managing External Attack Surface Management Dashboard

- External Attack Surface Reports

Reports Downloaded from EASM Tab

- External Attack Surface Management Alerts