
What is Attack Surface?
The word “attack surface” refers to the portions of a system, device, or network that include security flaws that can be exploited. The attack surface of a company’s computer systems and devices might vary greatly depending on what they’re utilized for and how they’re configured. This is not to be confused with the term “attack surface in ethical hacking,” which refers to the possible risk provided by vulnerabilities in an operating system or application installed on a computing device.
Understanding Attack Surface
In practice, this method can be used to identify if a device is vulnerable to known and undiscovered ways of attack, such as analyzing the operating system an attacker might use.
For example, if an organization’s IT infrastructure employs the Linux operating system for its email platform, it may be vulnerable to an attack exploiting the shell shock vulnerability. Attack surfaces can also be used to look for vulnerabilities in non-operating system software and hardware components such as switches and routers, though these are often more difficult to fix.
Read related articles: