iso27diy-corp/Corpus/Literature notes/Attack Surface Analysis.md

NIST Definition of Attack Surface: "The set of points on the boundary of a system, a system element, or an environment where an attacker can try to enter, cause an effect on, or extract data from, that system, system element, or environment." ([source](https://csrc.nist.gov/glossary/term/attack_surface))

"Attack Surface Analysis is about mapping out what parts of a system need to be reviewed and tested for security vulnerabilities." [OWASP Attack Surface Analysis Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.html)

Software Attack Surface Analysis [Blogpost](https://blogs.perficient.com/2021/08/31/software-attack-surface-analysis/) by Perficient

What is an Attack Surface? (And How to Reduce It) [Blogpost](https://www.okta.com/identity-101/what-is-an-attack-surface/) by Okta