// THREAT DETECTION AND DATA PRIVACY TERM

Attack Surface

An attack surface is the total number of all possible entry points an unauthorized user or attacker can use to access a system and extract data. It represents all the different ways a system is exposed to potential threats.

Attack Surface — illustration from Wikipedia
Image via Wikipedia

TECHNICAL DEFINITION

The attack surface is the complete set of potential entry points (attack vectors) that a malicious actor can exploit to compromise a digital or physical environment's security. This includes all hardware, software, network services, cloud assets, APIs, and human elements that are exposed to threats and contain vulnerabilities.

BACKGROUND

Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.

READ MORE ON WIKIPEDIA

SYNONYMS & ALIASES

  • threat surface
  • exposure area
  • digital footprint
  • attack vectors
  • entry points
  • security perimeter

USAGE NOTE

Security teams continuously work to minimize or 'harden' their organization's attack surface to reduce risk.

DEVELOPERS

Organizations developing technology related to Attack Surface.

  • Palo Alto Networks

    Develops Cortex Xpanse, an External Attack Surface Management (EASM) platform that actively discovers and monitors all internet-facing assets of an organization, identifying unknown exposures and risks.

  • Microsoft

    Offers Microsoft Defender External Attack Surface Management (EASM), which provides a comprehensive view of an organization's attack surface by continuously mapping its internet-exposed assets. This technology was acquired from RiskIQ.

  • Tenable

    Provides Tenable.asm for external attack surface management, which discovers and inventories internet-facing assets to identify potential exposures before they can be exploited by attackers. This is integrated with their broader vulnerability management platform.

  • CrowdStrike

    Offers Falcon Surface, an EASM module within its Falcon platform that discovers and monitors external assets and services to identify security weaknesses, exposed credentials, and potential attack vectors.

  • Rapid7

    Develops the Insight platform, which includes capabilities for attack surface monitoring by discovering external assets, identifying vulnerabilities, and prioritizing risks across cloud, on-premises, and remote environments.

  • IBM

    Provides IBM Security Randori, an attack surface management solution that takes an attacker's perspective to discover unknown assets and prioritize exposures based on their potential for exploitation.

  • Censys

    A specialized company that continuously scans the entire internet to create a comprehensive map of global assets. Their Attack Surface Management platform allows organizations to discover, inventory, and assess their external-facing digital footprint.

  • Mandiant (Google Cloud)

    Offers an Attack Surface Management solution that combines Google's vast visibility of the internet with Mandiant's frontline threat intelligence to provide a continuously updated view of an organization's exposures and high-risk assets.

RELATED TERMS IN THREATS & ATTACKS