Attack surface

From Wikipedia, the free encyclopedia

The attack surface of a software environment is the scope of functionality that is available to any application user, particularly unauthenticated users.

This includes, but is not limited to:

User input fields
Protocols
Interfaces
Services

One approach to improving information security is to reduce the attack surface, making a piece of software harder to attack. However, this approach does little to mitigate the amount of damage a determined attacker can inflict once a vulnerability is found.

[edit] References

[edit] See also

Vulnerability (computing)

Computer security

Please help improve this section by expanding it.
Further information might be found on the talk page or at requests for expansion.

[edit] External links

This software-related article is a stub. You can help Wikipedia by expanding it.

Categories: Security software | Software stubs

Hidden categories: Articles to be expanded since June 2008 | All articles to be expanded

Views

Interaction

Search

Languages

Русский

Powered by MediaWiki

Wikimedia Foundation

This page was last modified 19:48, 5 June 2008 by Wikipedia user Infraredflower. Based on work by Wikipedia user(s) SmackBot, Johnkenyon, JL-Bot, SaintPatrick, BeakWiki, John Reed Riley, Greenrd, Yuriybrisk, Roboto de Ajvol, Uncle G, JonHarder, Valrith, Dammit and Mattord and Anonymous user(s) of Wikipedia.
All text is available under the terms of the GNU Free Documentation License. (See Copyrights for details.)
Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a U.S. registered 501(c)(3) tax-deductible nonprofit charity.
About Wikipedia
Disclaimers