Real-world attack surface monitoring at massive scale: how the UK Government protects over half a million public sector domains
Blog post from Detectify
In June 2026, the UK Government's Department for Science, Innovation and Technology (DSIT) collaborated with Detectify at Infosecurity Europe to address the complexities of scaling public sector cybersecurity, emphasizing the need for continuous attack surface monitoring across over 500,000 domains and 9,000 internal customers. Faced with challenges similar to those experienced by major enterprises, such as unmapped infrastructure and competing priorities, the UK Government shifted from legacy compliance to a centralized strategy, leveraging Detectify’s capabilities for automated vulnerability monitoring and noise reduction. The implementation of a Vulnerability Monitoring Service (VMS) enabled continuous coverage for 300,000 assets, significantly reducing the median time to resolve critical weaknesses by 84%, while a focus on education and personalized outreach facilitated self-motivation among local entities. By utilizing payload-based assessments to eliminate false positives, the approach ensured taxpayer resources were efficiently allocated, creating a scalable blueprint for enterprise-level application security.
No tracked trend matches for this post yet.