Back to Glossary
Attacks
What is Attack Surface?
The total number of points where an unauthorized user could attempt to enter or extract data from a system.
A smaller attack surface means fewer opportunities for attackers.
Types
- Network: Open ports, exposed services, public APIs
- Software: Installed applications, running services, dependencies
- Physical: USB ports, physical access to devices
- Human: Social engineering targets, phishing susceptibility
Reducing Attack Surface
- Remove unnecessary software and services
- Close unused network ports
- Keep software updated
- Use firewalls and network segmentation
- Minimize the number of people with privileged access
- Disable unused device features (Bluetooth, NFC, AirDrop)
Related Terms
Port Scanning
A technique used to discover which network ports are open on a target system, often used in reconnaissance before an attack.
Threat Modeling
The systematic process of identifying potential threats, vulnerabilities, and attack vectors to determine appropriate security and privacy measures.
Have more questions?
Use our guided flow to get the right next privacy step for Attack Surface.
Open Guided Flow