Trace Id is missing
Skip to main content
Microsoft Security

Microsoft Defender External Attack Surface Management (EASM)

See your business the way an attacker can.

A person working at their desk looking at data in Microsoft Excel on a desktop monitor.

Continuous visibility beyond the firewall

See your rapidly changing, global external attack surface in real time with Defender EASM.

Discover unmanaged resources

Understand the full extent of your attack surface, including shadow IT and assets created through common, everyday business growth. 

Multicloud visibility

Maintain a dynamic inventory of external resources across multiple cloud and hybrid environments.

Identify exposed weaknesses

Prioritize vulnerabilities and misconfigurations hidden in unmanaged resources, then bring the resources under management to remove those exposures.

The external attack surface management challenge

In this era of hybrid work, shadow IT creates an increasingly serious security risk. Defender EASM helps cloud security teams see unknown and unmanaged resources outside the firewall.


Discover, classify, and prioritize exposed weaknesses in the cloud, software as a service (SaaS), and infrastructure as a service (IaaS) resources to strengthen security posture.

A Defender EASM inventory report in Azure including a list of approved assets.

Real-time inventory

Use dynamic, always-on inventory monitoring to find, analyze, and categorize external-facing resources as they appear.

An attack surface summary dashboard broken out into three priority levels.

Attack surface visibility

Discover external assets across multiple cloud environments, including unknown resources such as shadow IT.

A security posture dashboard detailing open ports, SSL configuration and SSL organization.

Exposure detection and prioritization

Uncover vulnerabilities throughout every layer of your external attack surface, including frameworks, web pages, components, and code.

An OWASP Top 10 dashboard explaining what broken access control means, how to remediate it and a list of related assets.

More secure management for every resource

Help protect newly discovered resources in the Microsoft Defender for Cloud portal.

Back to tabs

Microsoft Copilot for Security is now generally available

Use natural language queries to investigate incidents with Copilot, now with integrations across the Microsoft Security suite of products.

Uncover your external attack surface

Get complete visibility into internet-exposed assets with code-level discovery through a global network that graphs online relationships.

A Block diagram Infographic explaining assets with Microsoft Defender External attack surface management

Unified security operations platform

Secure your digital estate with the only security operations (SecOps) platform that unifies the full capabilities of extended detection and response (XDR) and security information and event management (SIEM).

Animation of microsoft defender dashboard homepage

Unified portal

Detect and disrupt cyberthreats in near real time and streamline investigation and response.

Back to tabs

Related products

Use best-in-class Microsoft security products to prevent and detect attacks across your organization.

A person working at their desk.

Microsoft Defender for Cloud

Assist in guarding against evolving threats across multicloud and hybrid environments.

Three people having a conversation at a desk with multiple screens.

Microsoft Defender Threat Intelligence

Help protect your organization from modern adversaries with a comprehensive view of your threat exposure.

A person working at their desk with multiple screens

Microsoft Sentinel

See and stop threats across your entire enterprise with intelligent security analytics.

Documentation and training


Announcement blog

Learn about exciting recent developments in threat intelligence from Microsoft.



Learn how to deploy and use Defender EASM in your environment.


The scale and scope of cybercrime in 60 seconds

During a cyberattack, every second counts. Here’s a year’s worth of cybersecurity research condensed into one 60-second window.


Understand your attack surface as it grows and evolves

Learn how Defender EASM gives real-time visibility into your expanding, constantly changing enterprise attack surface.

Protect everything

Make your future more secure. Explore your security options today. 

Follow Microsoft