What is CTEM (Continuous Threat Exposure Management)?
TL;DR
A cybersecurity operating framework for continuously discovering, validating, and remediating exposures. Coined by Gartner.
CTEM (Continuous Threat Exposure Management): Definition & Explanation
CTEM (Continuous Threat Exposure Management) is a cybersecurity operating framework for continuously discovering an organization's attack surface, validating exploitability, prioritizing, and remediating exposures on an ongoing basis. Coined by Gartner, it comprises five stages: (1) Scoping (defining the assets to protect), (2) Discovery (finding vulnerabilities and misconfigurations), (3) Prioritization (ranking by exploitability and business impact), (4) Validation (confirming attacks succeed via autonomous pentesting and the like), and (5) Mobilization (executing remediation). Unlike one-off vulnerability scans, CTEM constantly validates 'could this be exploited right now?' from an attacker's perspective. Autonomous penetration testing and BAS (Breach and Attack Simulation) tools power the validation phase.