Attack Surface

Attack surface is the total ranges of all possible entry points that cybercriminals could use to launch unauthorized access or compromise devices and systems of an organization. As a best practice, organizations should minimize the attack surface as much as possible to safeguard their assets. Attack vectors may try to compromise organizations through digital attack surfaces and/or physical attack surfaces. And attack surfaces may occur due to vulnerabilities in personnel, physical security, databases, networks and other information system environments.

The following are some of the attack surface minimization techniques:

• Disable unnecessary services and ports
• Employ vulnerability management
• Conduct penetration testing
• Surf world wide web securely (https)
• Deploy data loss prevention (DLP)
• Network segmentation
• Access control systems
• Apply DNSSEC
• More