External Attack Surface Management (EASM)
RCCE students will learn how to discover, inventory, and assess internet-facing assets, shadow infrastructure, exposed services, forgotten domains, and unmanaged attack surface that increase organizational risk. RCCE students will learn to track external exposure, validate ownership, prioritize risky findings, coordinate cleanup across business units, and reduce the gap between what the organization owns and what the internet reveals. The course covers practical scenarios ranging from discovery and enrichment to validation, remediation, and executive reporting. RCCE students will learn to analyze complex systems and think like an attacker to better defend the organization. This comprehensive course delivers practical knowledge applicable to real-world cybersecurity operations. Starting from foundational concepts, RCCE students will learn through a combination of concept explanation, practical demonstration, and hands-on exercises.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing External Attack Surface Management (EASM)
- Execute hands-on tasks for external attack surface management
- Execute hands-on tasks for discover, inventory, assess & reduce your external exposure
- Explain Course Overview & Learning Objectives fundamentals
- Execute hands-on tasks for discover external assets — covering Identify internet-facing infrastructure.
- Execute hands-on tasks for inventory & validate — covering Build comprehensive asset inventory.
- Execute hands-on tasks for assess & prioritize risk — covering Score findings by exploitability.
- Execute hands-on tasks for remediate & report — covering Coordinate cleanup across teams.
- Execute hands-on tasks for what is external attack surface management?
- Execute hands-on tasks for why it matters
- Execute hands-on tasks for domains & subdomains
- Execute hands-on tasks for web applications — covering Primary, subsidiary, acquired.
- Execute hands-on tasks for passive dns collection — covering Query DNS aggregation databases.
| Module 01 | External Attack Surface Management |
| Module 02 | Discover, Inventory, Assess & Reduce Your External Exposure |
| Module 03 | Course Overview & Learning Objectives |
| Module 04 | Discover External Assets |
| Module 05 | Inventory & Validate |
| Module 06 | Assess & Prioritize Risk |
| Module 07 | Remediate & Report |
| Module 08 | What is External Attack Surface Management? |
| Module 09 | Why It Matters |
| Module 10 | Domains & Subdomains |
| Module 11 | Web Applications |
| Module 12 | Passive DNS Collection |
| Module 13 | Active DNS Brute-Force |
| Module 14 | DNS Record Analysis |
All hands-on labs run on Rocheston Rose X OS. Students practice external attack surface management (easm) by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for external attack surface management
- Lab 2: Execute hands-on tasks for discover, inventory, assess & reduce your external exposure
- Lab 3: Explain Course Overview & Learning Objectives fundamentals
- Lab 4: Execute hands-on tasks for discover external assets
- Lab 5: Execute hands-on tasks for inventory & validate
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for External Attack Surface Management (EASM), verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI