Home » Glossary » Attack Surface

Attack Surface


A vulnerable point of entry in a network or computer that a crook can use for malicious purposes.

Understanding the Term

An attack surface is the weakest point of the system, which can be breached by malicious actors. It contains a collection of methods in which an attacker or an unauthorized manipulator can access the data and extract it from the system.

The attack surface is infiltrated by attack vectors, which can include buffer overflows, network protocol flaws, or web-based attack vectors such as trojans, adware, malware, and many more.

A system that has a larger attack surface is more vulnerable to attacks. It is fundamental when considering software security to keep the attack surface as small as possible. This can be done by applying a number of basic security measures:

?   Eliminating services that are employed by only a small group of individuals. There will be fewer attack vectors if unnecessary features are turned off.

?   By reducing the amount of code operating in the system, there will be fewer attack vectors as well.

?  Making fewer access points in the system will also result in fewer attack vectors                          


A system’s attack surface is an indicator of its security.

Post navigation