This bumper episode of The Dark Dive features no fewer than four co-founders, as the CEO and CTO of Searchlight Cyber (Ben Jones and Gareth Owenson) are joined by their counterparts from the Attack Surface Management company Assetnote (Michael Gianarakis and Shubham Shah).

Together, we discuss the background of Assetnote and origins of its founders in the offensive security and bug bounty world, the rationale behind the Searchlight Cyber's recent acquisition of Assetnote, and the fundamentals of Attack Surface Management (ASM).

We take a deep dive into the tenets of Attack Surface Management, including viewing ASM as a process rather than a technology, nuances in the ASM market, and the role of vulnerability research.

Further reading:

• Press release on Searchlight Cyber's acquisition of Assetnote (discussed 12:00 - 21:34): https://slcyber.io/press/searchlight-cyber-acquires-assetnote/
• Visit the Assetnote Security Research Center for the most recent vulnerability research from Assetnote (discussed 35:32 - 42:33): https://slcyber.io/assetnote-security-research-center/
• Assetnote's ServiceNow vulnerability research (discussed 37:40 - 38.35): https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data
• Assetnote's Citrix Bleed vulnerability research (discussed 41.06 - 42.33): https://www.assetnote.io/resources/research/citrix-bleed-leaking-session-tokens-with-cve-2023-4966
• Visit this page more information on the Assetnote Attack Surface Management platform: https://slcyber.io/dark-web-security-products/attack-surface-management-tool/
• For more insights from the Assetnote co-founders on Attack Surface Management check out their own podcast, Surfacing Security: https://youtu.be/LEcFfC6OrYk?feature=shared

Want to find out more or have a suggestion for future podcast episodes?

• Email: [email protected]
• Website: www.slcyber.io
• LinkedIn: www.linkedin.com/company/searchlight-cyber
• X: www.twitter.com/SLCyberSec
• Weekly newsletter: www.slcyber.io/beacon/