Attack surface

Attack surface

The attack surface of a software environment is the scope of functionality that is available to any application user, particularly unauthenticated users.

This includes, but is not limited to:
* User input fields
* Protocols
* Interfaces
* Services

One approach to improving information security is to reduce the attack surface, making a piece of software harder to attack. However, this approach does little to mitigate the amount of damage a determined attacker can inflict once a vulnerability is found.

See also

*Vulnerability (computing)
*Computer security

References

External links

* [http://msdn2.microsoft.com/en-us/magazine/cc163882.aspx Mitigate Security Risks by Minimizing the Code You Expose to Untrusted Users] on MSDN
* [http://www.cs.cmu.edu/~pratyus/as.html Attack Surface Measurement]
* [http://www.cylab.cmu.edu/default.aspx?id=2122 Attack Surface Measurement] at Carnegie Mellon CyLab


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Surface Detail —   …   Wikipedia

  • Attack on Pearl Harbor — Part of the Pacific Theater of World War II …   Wikipedia

  • Attack on Sydney Harbour — Infobox Military Conflict conflict=Attack on Sydney Harbour partof=the Battle for Australia during World War II caption=1 June 1942. A Japanese Ko hyoteki class midget submarine, believed to be Midget No. 14, is raised from Sydney Harbour date=31 …   Wikipedia

  • Attack Squadron 46 (United States Navy) — Infobox Military Unit unit name= Attack Squadron 46 caption= VA 46 insignia dates= May 24 1955 – June 30 1991 country= United States allegiance= branch= United States Navy type= All Weather Attack role= size= command structure= Inactive current… …   Wikipedia

  • Attack on Pearl Harbor (video game) — Infobox VG| title = Legendo s Attack on Pearl Harbor| developer = Legendo Entertainment publisher = Legendo Entertainment (EU Asia) CDV (North America Mexico) distributor = Ascaron (UK Ireland) Atari (Germany) SimBin (Scandinavia Finland) Akella… …   Wikipedia

  • Attack submarine — Submarine Sub ma*rine , n. 1. A submarine boat; a ship that can travel under the surface of the water. Most such ships are ships of war, as part of a navy, but submarines are also used for oceanic research. Also called {sub} and (from the German… …   The Collaborative International Dictionary of English

  • Zero-day attack — This article is about technical vulnerabilities. For other uses, see Zero day (disambiguation). A zero day (or zero hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are… …   Wikipedia

  • Shark attack — Attack of a person by a shark. Not all shark attacks are feeding events. Sharks sometimes grab people by mistake. Other times an attack may protect a shark s space, much as a dog barks at and bites intruders. To decrease the chance of becoming a… …   Medical dictionary

  • vectored attack — Attack in which a weapon carrier (air, surface, or subsurface) not holding contact on the target is vectored to the weapon delivery point by a unit (air, surface, or subsurface) which holds contact on the target …   Military dictionary

  • Angle of attack — In this diagram, the black lines represent the flow of a fluid around a two dimensional airfoil shape. The angle α is the angle of attack. Angle of attack (AOA, α, Greek letter alpha) is a term used in fluid dynamics to describe the angle between …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”