Software Environment Attack Surface
(Redirected from Attack surface)
Jump to navigation
Jump to search
An Software Environment Attack Surface is a attack vectors where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment.
- See: Vector (Malware), Software.
References
2017
- (Wikipedia, 2017) ⇒ https://en.wikipedia.org/wiki/Attack_surface Retrieved:2017-10-20.
2017
- (Wikipedia, 2017) ⇒ https://en.wikipedia.org/wiki/Attack_surface#Surface_Reduction Retrieved:2017-10-20.
- The basic strategies of attack surface reduction include the following: reduce the amount of code running, reduce entry points available to untrusted users, and eliminate services requested by relatively few users. One approach to improving information security is to reduce the attack surface of a system or software. By turning off unnecessary functionality, there are fewer security risks. By having less code available to unauthorized actors, there will tend to be fewer failures. Although attack surface reduction helps prevent security failures, it does not mitigate the amount of damage an attacker could inflict once a vulnerability is found.