Attack Surface

Security+ 🏆 • Security Operations 🛡️ • Secure Development ⚙️ • Difficulty: free

Definition

Attack surface is the total set of ways an attacker can interact with and potentially exploit a system. It includes exposed services, reachable interfaces, user entry points, permissions, and dependencies that could be targeted to gain unauthorized access or cause harm.

Examples

  • A web app’s attack surface includes its login page, API endpoints, file upload feature, and the cloud storage permissions behind it.
  • An organization reduces attack surface by disabling unused ports and removing outdated services from internet-facing servers.

Discover 🔎

Security becomes easier when there is less to defend. Attack surface is a way to describe everything that can be attacked. When people talk about “reducing attack surface”, they mean removing or tightening those points of contact so attackers have fewer opportunities to get in or cause damage. This idea applies to a single application, a whole enterprise network, and even a person’s online accounts.

Remember: Attack surface is not only what is exposed on the internet. It includes internal entry points too, especially those an attacker can reach after gaining an initial foothold.