2023 State of the External Attack Surface

Annual Threat Trends Analysis

Download CybelAngel's annual cybersecurity report

This report covers an internet-wide set of attack surface data, tracking trends from all of the external-facing exposures we detected in 2022. This report includes data and results from our client base, which show real alerts, impact and actionability to today’s threats.



 > 70 billion


 1 in 10





 exposed files detected (including intellectual property, financial & sensitive information)
Almost 1 in 10 of all detected internet-facing assets had an associated unpatched vulnerability.
87% of all detected threats are from third-party vendors and suppliers or malicious actors.


Retail, Telecommunications, Business services are the top 3 sectors with the highest average number of critical alerts

Fill the form and receive your report copy now!

"The external cyber risk landscape is always shifting and expanding, and this report is a great guide for understanding and countering increasingly common external exposures and threats. The unique breadth and depth of CybelAngel's scanning data put some astonishing numbers and helpful insights to trends many of us are noticing in the modern cyber context."

Todd Carroll, CISO at CybelAngel & author of the report



CybelAngel protects its customers with External Attack Surface Management (EASM) solutions with an extensive and continuous ‘outside-in’ search of an organization’s internet-facing attack surface to discover exposed and unknown assets, produce a living map of online infrastructure, and uncover hidden vulnerabilities and threats. CybelAngel analysts then contextualize the most critical findings based upon business severity and perceived risk. This unique combination of machine and human intelligence leads to the highest signal-to-noise ratio on the market, leaving IT and Security teams free to focus on core business operations.