Security Concepts

Attack Surface

An organization's attack surface is the complete set of vulnerabilities, entry points, and exposure points through which a threat actor can attempt to gain unauthorized access to systems, data, or networks.

Types of Attack Surface

Digital Attack Surface

  • Internet-facing applications and APIs
  • Cloud infrastructure and SaaS platforms
  • Email systems and communication tools
  • Remote access endpoints (VPN, RDP)
  • DNS records and certificates

Human Attack Surface

  • Social engineering susceptibility
  • Phishing vulnerability
  • Insider threats
  • Credential reuse and weak passwords

Physical Attack Surface

  • Office buildings and facilities
  • Hardware devices (USB ports, IoT devices)
  • Printers and network equipment

Attack Surface Management (ASM)

ASM is the continuous process of discovering, inventorying, classifying, and monitoring an organization's external-facing assets to understand and reduce exposure.

Key ASM Activities

  1. Asset Discovery: Identifying all internet-facing assets, including shadow IT
  2. Risk Assessment: Evaluating the risk associated with each asset
  3. Monitoring: Continuously tracking changes to the attack surface
  4. Remediation: Reducing unnecessary exposure and hardening systems
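
The discovery and monitoring activities above can be sketched as a diff between two exposure snapshots. This is an added example, not code from the original page; the hostnames, snapshot format, inventory and VPN port list are constructed assumptions.

```python
from dataclasses import dataclass

# Ports treated as remote-access exposure. 3389 is the standard RDP port;
# the VPN entries are common defaults and an assumption of this example.
REMOTE_ACCESS_PORTS = {3389: "RDP", 1194: "OpenVPN", 500: "IKE/IPsec VPN"}

@dataclass(frozen=True, order=True)
class Exposure:
    host: str
    port: int

def parse_snapshot(text):
    """Parse 'host,port' lines (with optional # comments) into a set."""
    found = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            host, port = line.rsplit(",", 1)
            found.add(Exposure(host.strip().lower(), int(port)))
    return found

def review_changes(previous, current, inventory):
    """Diff two snapshots; tag each new exposure for risk triage."""
    added = []
    for exp in sorted(current - previous):
        tags = []
        if exp.host not in inventory:        # asset nobody registered
            tags.append("shadow-it")
        if exp.port in REMOTE_ACCESS_PORTS:  # remote access endpoint
            tags.append("remote-access:" + REMOTE_ACCESS_PORTS[exp.port])
        added.append((exp.host, exp.port, tags))
    removed = [(e.host, e.port) for e in sorted(previous - current)]
    return added, removed

# Constructed sample data: approved inventory plus two daily snapshots.
INVENTORY = {"www.example.com", "vpn.example.com", "api.example.com"}
YESTERDAY = "www.example.com,443\nvpn.example.com,1194\nold.example.com,80\n"
TODAY = ("www.example.com,443\nvpn.example.com,1194\n"
         "api.example.com,3389\ndemo.example.com,443  # unregistered\n")

def run_example():
    return review_changes(parse_snapshot(YESTERDAY), parse_snapshot(TODAY),
                          INVENTORY)

if __name__ == "__main__":
    added, removed = run_example()
    for host, port, tags in added:
        print(f"NEW  {host}:{port} [{', '.join(tags) or 'known asset'}]")
    for host, port in removed:
        print(f"GONE {host}:{port}")
```

New entries tagged `shadow-it` or `remote-access` are the ones to route to risk assessment and remediation first.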

Why It Matters

You can't protect what you don't know about. As organizations adopt cloud services, remote work, and third-party integrations, the attack surface expands rapidly — often beyond what security teams can manually track.

Related Reading

Glossary

Initial Access

Initial access encompasses the techniques adversaries use to gain their first foothold in a target environment — the critical entry point that all subsequent attack activities depend on.

Blog

Exploit Party: Bring Your Own Vulnerable Driver Attacks

BYOVD, or Bring Your Own Vulnerable Driver, is an attack in which a threat actor brings a legitimately signed but vulnerable driver onto the system to perform malicious actions. In a BYOVD attack, the attacker can use the vulnerabilities in the driver to execute malicious actions with kernel-level privileges!

Blog

What CERT-In’s AI Threat Blueprint Means for Adversarial Exposure Validation

CERT-In’s blueprint points toward a cybersecurity model that is continuous, threat-informed, and evidence-led. Here is what that means in practice, and how adversarial exposure validation helps organisations test whether their controls actually work against AI-assisted threats.

Guide

What is Breach and Attack Simulation (BAS)?

Breach and Attack Simulation (BAS) is a technology that allows enterprises to continually and consistently simulate the complete attack cycle against enterprise security infrastructure, using software agents, virtual machines, etc. Over the last couple of decades, the vital need to protect increasingly digitised enterprises from cyberthreats has driven international spending on cybersecurity to multiple billions of dollars per annum. However, attackers are still able to breach an organisation's security defences. The problem is apparent: security is tricky; misconfigurations and vulnerabilities are common, leading to breaches.