In conjunction with the “attack surface management” concept proposed by Gartner, Asiainfo-SEC launched the “Attack Surface Management Service”, which aims to provide enterprises with an external perspective, help enterprises clearly see their own assets from the outside and the inside, discover unknown assets and threats one step at a time, and achieve dynamic active defense. Asiainfo-SEC has a first-class domestic red team. The members have an average of more than 8 years of experience in the industry. They have mature asset sorting ideas and attack methodologies, and can empower attack surface management platforms, so that enterprises can truly understand their own external attack surface situation. CICA Security's attack surface management platform can rely on external attack surface management (EASM) technology to comprehensively discover the enterprise's external attack surface based on information such as enterprise equity relationships, supply chain, business systems, app applications, public account applets, network disk libraries, code hosting platforms, subdomains, and full ports, and continue to go deeper on the basis of the discovery to conduct high-risk paths, high-risk ports, high-risk vulnerabilities, weak passwords, and historical password disclosure verification on the enterprise attack surface, and prioritize weaknesses/vulnerabilities based on vulnerability usability and vulnerability impact. To businesses Export availability security operation indicators to help continuously manage the security situation and strengthen your own cybersecurity defense system.