When I meet with IT and security heads, one question frequently comes up: how many devices do we actually have? It sounds straightforward, but the honest answer is often somewhere between “we think we know” and “we're not really sure”. Most enterprises can only estimate their device count, and that uncertainty creates blind spots that threat actors are actively hunting for.
The problem has gotten worse over the last few years. Corporate estates have sprawled across home offices, BYOD devices, and multi-cloud environments. The network perimeter dissolved, but many organisations are still using discovery tools designed for a world where everything’s sat inside four walls. Every time we scan a new environment, we uncover devices that were completely off the radar and unprotected.
Asset visibility often only becomes a priority once something goes wrong and, by then, it's far too late. Channel partners have a real opportunity here. They can guide customers towards a more proactive stance and build some long-lasting revenue streams in the process.
The limits of traditional discovery tools
Legacy asset discovery tools were built for a different era. They assume a static network with fixed endpoints and a clear boundary between inside and outside – but that model doesn't work anymore.
Users log in from coffee shops on unmanaged BYOD devices. Short-lived cloud VMs spin up and down throughout the day. IoT and operational technology gear often gets overlooked entirely because it doesn't fit neatly into traditional IT management categories. Scanners and network probes that run on a fixed schedule simply can't keep pace with this level of change.
In our engagements, clients regularly discover between 20-30% more devices than they thought existed. That means there are devices out there lacking security updates, sitting outside access control policies and creating dangerous entry points. And threat actors know this.
The corporate network has become vastly more complicated, but many organisations are still relying on outdated tools that show what should be in the environment instead of what is actually there. These tools struggle with modern realities like remote work and hybrid multi-cloud infrastructure. As a result, unseen devices might be running unsupported software, missing critical patches or lacking proper access controls – any number of vulnerabilities that make life easy for attackers looking for low-hanging fruit.
How CAASM changes the visibility game
Cyber hygiene underpins cybersecurity and without visibility organisations cannot identify fundamental gaps such as missing multi factor authentication (MFA) controls, or weak privacy setting, or out of date software. One of the most effective ways to uncover and secure these gaps is through Cyber Asset Attack Surface Management (CAASM). Rather than periodic scans that only capture a snapshot, CAASM pulls data continuously from across the entire technology stack.
It aggregates information from EDR platforms, identity systems, mobile device management tools and cloud APIs to build a real-time, validated inventory. The difference is immediate. Companies connect the APIs and are seeing unknown, unmanaged devices appearing on the dashboard in under half an hour. The accuracy is achieved in real time as opposed to being weeks out of date.
CAASM adds actionable context which includes prioritised risk scoring, end-of-life alerts and clear visibility into which assets need urgent attention. Such clarity cuts through the noise of dozens of fragmented dashboards and prevents alert fatigue.
It also provides a significant differentiator when you're trying to win trust with customers who may be feeling overwhelmed by a sea of different tools. CAASM is designed to reduce complexity by aggregating information from existing tools and making it easier to understand. It does this by bringing everything together into a centralised view with automated validation, remediation workflows and real-time dashboards that surface what matters most.
Ultimately, CAASM transforms how organisations understand their attack surface by moving them from periodic audits and assumptions to continuous, validated visibility. This has the potential to make a real difference to an organisation’s security posture.
Visibility creates new service opportunities
There is a big role for channel partners to play in providing this visibility as companies often don't realise they need CAASM until a security incident forces their hand. That means partners need to lean into their roles as trusted advisors and highlight the business value.
The positioning fits well with where the cybersecurity market is heading. Channel partners can no longer rely on transactional, one-off sales – instead, they need to position themselves as security architects who help shape the overall security strategy.
As CAASM reveals risks organisations didn't know existed, it also provides an entry point to demonstrate the value of additional security services. Indeed, successfully addressing security blind spots opens doors for managed services, compliance assurance, remediation workflows and ongoing strategy advisory work.
Furthermore, while the primary focus is cybersecurity, CAASM has broader applications. It serves as an asset and user management platform, supporting service desk functions, end-of-life management and delivering efficiency savings.
Take Windows 10, which reached end of life in October, CAASM is well positioned to help companies identify devices that need upgrading or retiring. This was exactly the case for one organisation we supported with its end of life project. An initial scan through their configuration manager suggested that all devices had been upgraded, however our own tools revealed a different picture and machines that had been missed. This enabled the company to raise alerts and remediate or isolate affected machines.
Taking out the guesswork from security coverage across customers’ assets can open up further opportunities for support and services.
These recurring revenue streams also cement long-term customer relationships. When partners move from selling products to delivering comprehensive visibility and risk mitigation services, they transform themselves into strategic advisors, and this is where sustainable growth comes from.
Securing systems and devices is the foundation of cybersecurity, but these controls are only as strong as an organisation's ability to see what they're protecting. The challenge of “you can't protect what you can't see” isn't going away. If anything, it's getting more acute as IT estates continue to sprawl and evolve.
Channel partners hold the key to solving this problem. By helping customers gain a single, accurate view of their IT estate, partners enable organisations to move from reactive firefighting to proactive prevention. It's an approach that delivers better outcomes for customers and opens up significant, sustainable opportunities for the channel partner.
