IDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSEIDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSE
Impactr Logoimpactr
FeaturesHow it worksEvidencePricingLearnCompare
  1. Home
  2. Glossary
  3. ASM

Security platforms

ASM

Attack Surface Management

Also: EASM · External Attack Surface Management

Attack Surface Management (ASM) continuously discovers, inventories, and monitors the internet-facing assets and exposures an organization has - known and unknown. External ASM (EASM) focuses on the outside-in view an attacker sees. ASM answers 'what do we have exposed?'; testing answers 'what can be exploited?'.

Key points

  • Continuous discovery of known and shadow assets.
  • Outside-in (EASM) view mirrors the attacker's perspective.
  • Most valuable when paired with testing that proves exposure.

Related

Attack SurfaceCAASMAutonomous Penetration Testing

Impactr is an autonomous AI penetration testing platform - it investigates, chains, and proves web and API vulnerabilities with reproducible evidence.

Join the waitlist
← All terms
Impactr Logoimpactr

Built by hackers, for the code you ship. Autonomous AI penetration testing for modern web apps and APIs.

© 2026 Impactr

Product

FeaturesCoverageUse casesEvidencePricingWaitlist

Resources

VulnerabilitiesGuidesComparisonsGlossaryCWE databaseBy industryBy languageHTTP status codesSecurity headers

Company

ContactTwitterLinkedInGitHub