Cybersecurity
Attack Surface
Definition
An organization's attack surface is the sum of all of its hardware, software, and services that are accessible from the public internet and could be vulnerable to attack. It is the combination of all potential attack vectors.
Why It Matters
The larger the attack surface, the more difficult it is to defend. A key goal of cybersecurity is to understand and minimize the attack surface by shutting down unnecessary ports, removing unneeded software, and limiting external access.
Contextual Example
The attack surface of a company includes its web servers, VPN gateways, email servers, and any other systems or ports that are exposed to the internet. An unknown, forgotten server running old software would be a dangerous part of the attack surface.
Common Misunderstandings
- Attack Surface Management (ASM) is the process of continuously discovering, analyzing, and securing an organization's attack surface.
- Cloud environments can have a large and dynamic attack surface if not managed carefully.