An attack surface is the entire area of an organization or system that is susceptible to hacking. It’s made up of all the points of access that an unauthorized person could use to enter the system. Once inside your network, that user could cause damage by manipulating or downloading data.
The smaller your attack surface, the easier it is to protect your organization. Conducting a surface analysis is a good first step to reducing or protecting your attack surface. Follow it with a strategic protection plan to reduce your risk of an expensive software attack or cyber extortion effort.
A Quick Attack Surface Definition
An attack surface is essentially the entire external-facing area of your system. The model contains all of the attack vectors (or vulnerabilities) a hacker could use to gain access to your system.
Vulnerabilities are everywhere, and often, they're exploited. For example, in 2014, reporters said nearly half of all Fortune 500 companies had employee email addresses and passwords exposed in hacker forums within the year.