Kaspersky expands threat intelligence with external module

Kaspersky has unveiled a new External Attack Surface module within its Digital Footprint Intelligence (DFI) service, now accessible through the Threat Intelligence portal

This addition integrates External Attack Surface Management (EASM) features, enabling security teams to continuously oversee and protect their organisation’s external perimeter with improved visibility and control.

For years, the exploitation of public-facing applications has remained the leading method of initial compromise. According to the Kaspersky Incident Response report, these accounted for 39% of incidents in 2024. Furthermore, over 90% of the vulnerabilities targeted by attackers during that year had been publicly disclosed more than twelve months earlier, highlighting weak update and patch management practices in the affected organisations.

With the rapid expansion of digital ecosystems across cloud platforms, third-party applications, and shadow IT, organisations face mounting challenges in maintaining a secure perimeter. The newly introduced module helps by detecting exposed infrastructure, flagging vulnerabilities such as unpatched software or open ports, and assigning risk scores so that security teams can prioritise fixes based on potential business impact.

The External Attack Surface module directly addresses two essential concerns for security leaders: identifying internet-facing assets and determining which ones are at risk. It combines vulnerability scanning, misconfiguration checks, and contextual risk analysis to give enterprises a clear picture of their exposure, along with concrete steps to minimise it.

Unlike tools that provide only a snapshot, this solution also collects and stores historical data. This enables retrospective analysis, trend monitoring, and enhanced incident investigations. Data aggregation from multiple specialised search engines boosts coverage across hosts and services. Each issue discovered is supported by thorough explanations and remediation advice, ensuring teams can move efficiently from detection to resolution.

The value of the module lies not only in enhanced visibility but also in the ability to act decisively. Whether it involves patching outdated software, moving systems behind VPNs, applying WAF rules, or resetting compromised credentials, the module delivers clear and prioritized recommendations that help organizations strengthen defenses before attackers can exploit weaknesses.

“Security teams are under constant pressure to manage an ever-expanding digital perimeter. With the External Attack Surface module, we give them not only visibility of what attackers can see but also recommendations to reduce exposure and respond effectively. By enriching DFI with EASM functionality, we continue to expand the scope of our Threat Intelligence portfolio and deliver cross-product synergies that empower security teams with deeper insights, faster investigations, and more resilient cyber defense.” said Yuliya Novikova, head of digital footprint intelligence at Kaspersky.