
What is Attack Surface Management and Why is it Important?
Attack Surface Management (ASM) is a crucial cybersecurity process involving the identification and monitoring of internet-facing assets like IP addresses and domains. This is essential for detecting vulnerabilities before cybercriminals can exploit them. Security organizations emphasize that discovery is no longer sufficient, advocating for a transition from visibility to actionable responses.
According to Criminal IP by AI SPERA, addressing the gap between detection and action is increasingly critical. With advances in AI, attackers can identify and target assets faster, necessitating more efficient threat management strategies. Criminal IP aims to enhance ASM by integrating AI to filter noise and provide context, enabling quicker responses to threats.
How Does Criminal IP’s AITEM Framework Work?
Criminal IP introduced the AITEM framework at Infosecurity Europe 2026, representing an evolution in threat exposure management. AITEM, or AI-based Threat Exposure Management, incorporates agentic AI into the Continuous Threat Exposure Management cycle, enhancing processes like threat prioritization and vulnerability impact analysis.
The framework facilitates natural language security operations, allowing security teams to direct workflows without complex configurations. Automated asset owner identification and CVE impact triage are key features, streamlining processes by automatically mapping vulnerabilities to relevant assets. This innovation aligns with industry trends towards AI-driven security operations.
What Are the Key Capabilities of AITEM?
AITEM envisions several advanced capabilities to enhance ASM. These include automated asset owner identification, which uses AI to query internal systems and trace asset ownership efficiently. This reduces time spent on manual identification, allowing security teams to focus on more critical tasks.
Additionally, AITEM includes CVE impact triage, where AI continuously monitors vulnerabilities and maps them to the organization’s live asset inventory. This helps prioritize exposures that require immediate attention. Shadow AI detection and guided remediation are also part of the framework, addressing unauthorized AI usage and suggesting mitigation paths when patching isn’t feasible.
What Did Criminal IP Present at Infosecurity Europe 2026?
During Infosecurity Europe 2026, Byungtak Kang, CEO of AI SPERA, presented a session titled “From Visibility to Threat Hunting: A Case Study of AI-Driven Attack Surface Management.” This session highlighted the transformation from mere visibility to active threat hunting, demonstrating how AI can support faster investigations and more effective operations.
The introduction of AITEM expanded this discussion, emphasizing the need for integrated AI solutions in ASM. Kang highlighted that the competition in ASM now focuses on operational speed and response effectiveness, rather than merely identifying assets. AI SPERA’s advancements reflect the broader industry shift towards AI-driven security.
Frequently Asked Questions
What is the purpose of AITEM?
AITEM aims to integrate AI into the threat exposure management cycle, enhancing processes such as threat prioritization and owner attribution. It provides automated solutions for identifying asset ownership, mapping vulnerabilities, and suggesting remediation paths, thereby improving the efficiency of security operations.
How does AITEM improve traditional ASM processes?
AITEM enhances traditional ASM processes by introducing AI-driven capabilities that automate repetitive tasks and provide deeper insights into threats. This allows security teams to focus on decision-making and response, bridging the gap between detection and action in managing cyber threats.
What industry trends does AITEM align with?
AITEM aligns with industry trends towards incorporating AI into security operations. At events like RSAC 2026, themes such as agentic AI and shadow AI detection have emerged, with major vendors shifting towards integrated, AI-driven tools for more effective threat management.
Who is behind Criminal IP?
Criminal IP is operated by AI SPERA, a provider of cyber threat intelligence solutions. The platform delivers decision-ready intelligence and attack surface management solutions to security teams worldwide, aiming to provide real visibility into cyber landscapes and accelerate threat detection and response.
Related coverage
Sources







