EASM (External Attack Surface Management)

External Attack Surface Management is the discipline of assessing and managing only the assets visible from outside an organization's perimeter. The "external" qualifier distinguishes it from broader ASM programs that may include internal network scanning or agent-based monitoring. In vendor risk management, EASM is the enabling methodology behind outside-in assessments, as it requires no credentials or internal access from the vendor being assessed.