ACD 2.0: Insights from the external attack surface management trials

ACD 2.0 (Active Cyber Defence 2.0) represents the next evolutionary step in cybersecurity, focused on External Attack Surface Management (EASM) to provide organizations with real-time, comprehensive visibility and control over their external digital footprint. Insights from the recent ACD 2.0 EASM trials have revealed important advances that reshape how cyber risks are managed across complex modern IT environments.

Key insights from these trials include:

  1. AI-Driven Dynamic Asset Discovery: Traditional static inventory methods fall short in capturing ephemeral and cloud-native assets. ACD 2.0 leverages AI and machine learning to continuously discover external-facing assets, including unregistered subdomains, cloud services, and unauthorized APIs. This dynamic discovery helps close blind spots rapidly.
  2. Third-Party and Supply Chain Risk Visibility: The attack surface now extends beyond the organization itself to include vendor and supplier environments. ACD 2.0 platforms actively monitor third-party infrastructure and supply chains, identifying vulnerabilities and misconfigurations that could be exploited to breach the primary target.
  3. Brand Protection through Brand Intelligence: Attackers exploit brand impersonation using typosquatting domains, fake apps, and cloned websites. ACD 2.0 incorporates brand risk detection to identify and mitigate these threats swiftly, protecting digital reputation and preventing credential harvesting attempts.
  4. Cloud-Native Architecture for Modern Infrastructure: As enterprises migrate to AWS, Azure, and other cloud platforms, ACD 2.0 tools are built to operate natively within cloud environments, using APIs and telemetry to monitor dynamic assets like containers and serverless functions in real time.
  5. Workflow Integration for Rapid Response: To reduce the time from detection to mitigation, ACD 2.0 platforms integrate tightly with Security Operations Center (SOC) tools like SIEM and SOAR. This enables automated ticket generation, threat enrichment, and coordinated incident response.

The trials demonstrate that ACD 2.0 is no longer a passive supplement but a foundational security discipline providing continuous, actionable visibility into external risk factors. This comprehensive approach empowers organizations to anticipate emerging threats, prioritize remediation based on real-world attacker behavior, and maintain operational resilience in an ever-evolving cyber threat landscape.

In conclusion, ACD 2.0’s external attack surface management trials highlight the importance of real-time, AI-powered discovery, third-party risk monitoring, brand protection, cloud-native capabilities, and workflow integration as critical components in defending digital assets today and into the future.
