Best Attack Surface Management Platforms for Splunk Cloud Platform
View:
Compare the Top Attack Surface Management Platforms that integrate with Splunk Cloud Platform as of July 2025
Sort By:
This a list of Attack Surface Management platforms that integrate with Splunk Cloud Platform. Use the filters on the left to add additional filters for products that have integrations with Splunk Cloud Platform. View the products that work with Splunk Cloud Platform in the table below.
What are Attack Surface Management Platforms for Splunk Cloud Platform?
Attack surface management (ASM) platforms enables organizations to monitor and manage their attack surface risk. Attack surface management software allows companies to view cyber risks and attack vectors related to external digital assets outside of their firewall. These platforms continuously scan and assess an organization’s digital infrastructure, including networks, systems, applications, and endpoints, to detect vulnerabilities, misconfigurations, and exposed assets that could be exploited by attackers. Compare and read user reviews of the best Attack Surface Management platforms for Splunk Cloud Platform currently available using the table below. This list is updated regularly.
-
1
ThreatLocker
ThreatLocker
The ThreatLocker suite of security tools are powerful and designed so that everyone from businesses to government agencies to academic institutions can directly control exactly what applications run on their networks. We envision a future in which all organizations can chart their own course free from the influence of cybercriminals and the damage their incursions cause, and our team of veteran cybersecurity professionals created ThreatLocker to make this vision a reality. The team at ThreatLocker has been developing cybersecurity tools for decades, including programs to enhance email and content security, and this is our most innovative and ambitious cybersecurity solution yet. We developed this unique cybersecurity system because we believe that organizations should have complete control of their networks and should not have to live in fear of the next malware attack. To learn more, visit ThreatLocker.com. -
2
Axonius
Axonius
Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action. -
3
CyCognito
CyCognito
Expose all the hidden security gaps in your organization using nation-state grade technology. CyCognito’s Global Bot Network uses attacker-like reconnaissance techniques to scan, discover and fingerprint billions of digital assets all over the world. No input or configuration needed. Uncover the unknown. The Discovery Engine uses graph data modeling to map your organization’s full attack surface. You get a clear view of every single asset an attacker could reach — what they are and how they relate to your business. Using CyCognito’s proprietary risk-detection methods, the attack simulator identifies risks per asset and discovers potential attack vectors. It doesn’t affect business operations and works without deployment, configuration or whitelisting. CyCognito scores each risk based its attractiveness to attackers and impact on the business, dramatically reducing the thousands of attack vectors organizations may have to those critical few dozen that need your focusStarting Price: $11/asset/month -
4
ShadowKat
3wSecurity
ShadowKat is a platform that helps organizations to manage their external attack surface. Benefits include: Internet facing asset management Expose cybersecurity risks Find problems before hackers do Automation of the security testing process Detect changes as they occur ShadowKat is an attack external surface management software designed to help cybersecurity managers maintain a stronger compliance lifecycle, continually monitor security risks, and identify various organizations assets such as webpages, networks, ASN’s, IP Addresses, open ports and more. ShadowKat helps security managers reduce the time vulnerabilities exist and reduce the size of their organization’s internet facing attack surface. Key features of ShadowKat include change monitoring, risk-based alerts, reduce vulnerabilities, and manage compliance requirements. -
5
scarlet
scarlet
Attack-Surface Management: No more forgotten servers!™ Securing your cloud apps was never going to be easy, but once you factor in multiple vendors, staff in different time-zones, and systems that auto-scale, then you are left with an attack surface that is literally changing minute-to-minute. scarlet simply connects your cloud-platform vendors to your collaboration tools. We automate the whole process, so that within minutes of something changing within your environment, scarlet will profile it, and send the results to any tools you choose. We think that's important, because if you are looking to improve your security, it’s not enough to just add the changes to a monthly pie-chart (that no-one is going to see anyway): they need to be actioned with a response. Straight away. Not tomorrow, or next month.Starting Price: €0.02 per asset, per day -
6
Deepinfo
Deepinfo
Deepinfo has the most comprehensive Internet-wide data and has been using this data for years to empower cybersecurity of all sizes of organizations worldwide. Deepinfo also provides comprehensive threat intelligence solutions, data, and APIs to top-notch cybersecurity companies. Deepinfo Attack Surface Platform empowers all sizes of organizations' security by providing actionable insights. An all-in-one attack surface solution built by an experienced team dealing with Internet-wide data for years.Starting Price: $20,000 per year -
7
Ostorlab
Ostorlab
Uncover your organization's vulnerabilities with ease using Ostorlab. It goes beyond subdomain enumeration, accessing mobile stores, public registries, crawling targets, and analytics to provide a comprehensive view of your external posture. With a few clicks, gain valuable insights to strengthen security and protect against potential threats. From insecure injection and outdated dependencies to hardcoded secrets and weak cryptography, Ostorlab automates security assessments and identifies privacy issues. Ostorlab empowers security and developer teams to analyze and remediate vulnerabilities efficiently. Experience hands-off security with Ostorlab's continuous scanning feature. Automatically trigger scans on new releases, saving you time and effort while ensuring continuous protection. Access intercepted traffic, file system, function invocation, and decompiled source code with ease using Ostorlab. See what attackers see and save hours of manual tooling and grouping of outputs.Starting Price: $365 per month -
8
runZero
runZero
Active scanning, passive discovery, and API integrations unite in one powerful platform to deliver complete visibility into managed and unmanaged assets across IT, OT, IoT, cloud, mobile, and remote environments. Some CAASM solutions rely solely on integrations to inventory your network, but those other tools are notoriously incomplete because they rely on existing sources. runZero combines our own active scanning and passive discovery with integrations so you see absolutely everything. Our unique, safe scanning technology creatively gathers data points just like an attacker would, extracting asset details to deliver mind-blowing, in-depth fingerprinting and insights into OSs, services, hardware, and more. runZero surfaces all sorts of things you had no idea were on your network, like unmanaged and unpatched assets, misconfigured and abandoned cloud resources, rogue OT devices, and unknown subnets.Starting Price: $5,000 for 500 assets -
9
Armis
Armis Security
Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California. -
10
SOCRadar Extended Threat Intelligence, a natively single platform from its inception that proactively identifies and analyzes cyber threats with contextual and actionable intelligence. Organizations need to have better visibility into external facing assets and services and the related vulnerabilities they may present. It is clearly not sufficient to have only EASM solutions to eliminate cyber risks. Rather, EASM technologies are advised to be a component of a broader enterprise vulnerability management strategy. Enterprises are seeking digital asset protection wherever exposure may occur. The traditional focus on social media and the dark web is insufficient as threat actors proliferate sources. Monitoring capabilities across all environments (cloud buckets, dark web) are considered to equip the security team effectively. For a comprehensive Digital Risk Protection, services like site takedown and automated remediation should also be included.
-
11
QOMPLX
QOMPLX
QOMPLX Identity Threat Detection and Response (ITDR) continuously validates to prevent network takeovers. QOMPLX ITDR uncovers existing Active Directory (AD) misconfigurations and detects attacks in real time. Identity security is essential to network operations. Verify identity in real-time. We verify everyone to prevent privilege escalation and lateral movement. We integrate with your current security stack and use it to augment our analytics resulting in comprehensive visibility. Understand the priority and severity of threats so resources can spend time where it matters most. Real-time detection and prevention stop attackers from bypassing security measures. From Active Directory (AD) security to red teaming and more, our experts are here to support your needs. QOMPLX enables clients to holistically manage and reduce cybersecurity risks. Our analysts will implement our SaaS solutions and monitor your environment. -
12
ThreatAware
ThreatAware
Leveraging API feeds from your existing tools, validate your controls are correctly deployed and functioning across every cyber asset. Our clients come from all industries, from legal to finance, charities to retail. We are trusted by leading organizations to discover and protect their valuable cyber assets. Create a highly accurate device inventory by connecting to your existing systems via API. When issues arise the workflow automation engine can trigger actions via a webhook. ThreatAware provides clarity of the security control health of your cyber assets in a clear and simple design. Gain a macro view of your security control health regardless of how many controls you are monitoring. Generated from any field from a device, allows you to quickly group your cyber assets for monitoring and configuration purposes. When your monitoring systems accurately depicts your live environment, every alert is real. -
13
OverSOC
OverSOC
rive your attack surface with a single source of truth. Gather and unify your IT & Cyber data to quickly discover your inventory gaps, prioritize your remediation actions, and accelerate your audits. Collect data from all the tools used by your IT and SecOps teams (via API), as well as data from your business teams (via flat files), and bring them together in a single, agent-free database. Automate the ingestion, standardization, and consolidation of your data in a common frame of reference. No more duplicate assets, no more copy-pasting into spreadsheets and manual dashboards. Maximize your data enrichment by integrating external data sources such as security bulletins from certified sources. Query your cyber data via the filter system and get accurate answers about the state of your information system. Use OverSOC's pre-recorded filters, based on specific customer needs, or create your own filters and save them to share with your collaborators. -
14
Tenable One
Tenable
Tenable One radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to isolate and eradicate priority cyber exposures from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. The world’s only AI-powered exposure management platform. See every asset across your entire attack surface—from cloud environments to operational technologies, infrastructure to containers, and remote workers to modern web-apps with Tenable's market-leading vulnerability management sensors. With more than 20 trillion aspects of threat, vulnerability, misconfiguration and asset information, Tenable’s machine-learning powered predictions reduce remediation efforts by enabling you to focus first on the risks that matter most. Drive improvements required to reduce the probability of a business-impacting cyber event from occurring by communicating objective measures of risk. -
15
RiskIQ
RiskIQ
RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand and customers. RiskIQ is the world’s only platform with patented Internet Intelligence Graph technology, security intelligence—unified. RiskIQ draws from a 10-year history of mapping the internet to fuel applied intelligence that detects and responds to cyberattacks, anywhere on earth. The most complete security intelligence to protect your attack surface. -
16
Censys
Censys
Censys Attack Surface Management (ASM) continually uncovers unknown assets ranging from Internet services to cloud storage buckets, and comprehensively checks all of your public-facing assets for security and compliance problems regardless of where they’re hosted. Cloud services enable companies to be innovative and agile, but they also scatter security risks across hundreds of cloud projects and accounts that span dozens of providers. Exacerbating the problem, non-IT employees regularly spin up unmanaged cloud accounts and services, creating blind spots for security teams. Censys ASM provides you with comprehensive security coverage of your Internet assets regardless of their location and account. Censys continually uncovers unknown assets ranging from Internet services to storage buckets, provides you with an inventory of all public-facing assets, uncovers egregious security problems, and supercharges your existing security investment. -
17
IONIX
IONIX
Modern enterprises leverage countless partners and third-party solutions to enrich online services, improve operations, grow their business, and serve customers. In turn, each of these resources connect with countless more to create a growing and dynamic ecosystem of mostly unmonitored and unmanaged assets. These hyperconnected ecosystems represent a vast new attack surface that falls outside of the traditional security perimeter and enterprise risk management strategies. IONIX protects and secures enterprises from this new attack vector. IONIX is the only External Attack Surface Management platform that enables organizations to find and eliminate risks in their entire digital supply chain. Enterprises gain deep visibility and control of hidden risks stemming from Web, Cloud, PKI, DNS misconfigurations or vulnerabilities. Integrates via API or natively with Microsoft Azure Sentinel, Atlassian JIRA, Splunk, Cortex XSOAR, and more. -
18
Assetnote
Assetnote
Gain continuous insight and control of your evolving exposure to external attack with Assetnote's industry leading Attack Surface Management Platform. Assetnote automatically maps your external assets and monitors them for changes and security issues to help prevent serious breaches. Modern development and infrastructure management practices are fast paced and constantly changing. Attackers have evolved, have you? Keep up with Assetnote. You can't protect what you don't know is out there. Improve your asset awareness with Assetnote. Assetnote continually monitors your external attack surface as it evolves allowing you to identify and triage high impact security issues quickly. Because Assetnote is performing continuous discovery and security analysis you can find issues in ephemeral and in-development assets before the attackers do. -
19
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
20
appNovi
appNovi
Connect your existing tools and consolidate your asset inventory. Gain an authoritative data source to empower your analyst and decrease escalations. Prioritize vulnerable assets based on network exposure and business impact. Understand the threat exposure of assets and alert on compliance drifts. Gain an authoritative source of data to understand your environment. Gain complete asset inventories, identify missing security agents, understand exposure, and prioritize vulnerabilities effectively. Maintain complete asset inventories using your existing tools. Prioritize risk based on network exposure and business impact. Gain total visibility of your environment and threat exposure. Streamline operations and reach outcomes faster by eliminating IT data uncertainty. Understand cardholder data protection, enhance vulnerability management processes, and identity where compensating controls are needed. -
21
Notus
Notus
Notus integrates with a wide range of data sources to deliver continuous, unified asset visibility, enabling actionable insights for critical remediation. Identify all devices, software, and configurations with existing tools. Focus on the most critical vulnerabilities first. Stay informed of changes and emerging threats. Uncover vulnerabilities and misconfiguration. Ensure that security considerations are addressed throughout the asset and software lifecycles. Track software usage, prevent violations, and optimize costs. continuous. Streamline issue resolution by assigning tasks to relevant teams. Conducting manual cybersecurity asset inventories is labor-intensive, often carried out around 12 times annually. Despite this effort, you still won't achieve an up-to-date, consolidated view of your entire environment. By using Notus, the process of managing cybersecurity asset inventories becomes straightforward and instantaneous.
- Previous
- You're on page 1
- Next