Attack Surface
The total set of points in a system, network, or organisation that an attacker could exploit to gain unauthorised access or cause harm.
Also known as: attack vector, exposure surface
Last reviewed: 1 June 2026
The attack surface of an organisation or individual is the sum of all the different points — software interfaces, open ports, user accounts, physical devices, and human touchpoints — through which an attacker could attempt to enter or extract data. The larger and more complex the attack surface, the harder it is to defend.
Attack surface analysis is a core discipline in security engineering. Practitioners map every exposed component: public-facing web applications, remote-access tools, employee email accounts, third-party software integrations, USB ports on workstations, and even the people who can be socially engineered. Any element that accepts input from an untrusted source is a potential entry point.
Reducing the attack surface — by disabling unused services, removing legacy software, enforcing least-privilege access, and retiring obsolete hardware — is one of the most effective proactive defences. Scammers and attackers specifically probe organisations to discover unpatched, forgotten, or poorly monitored parts of the attack surface that defenders may overlook.
Examples
- A company's attack surface includes its public website, all employee email accounts, a legacy FTP server no one uses, and every contractor laptop connected to the corporate network.
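The following is an added illustration of the mapping-and-reduction process described above, not part of the original entry. It builds a small constructed inventory modelled on the example company (public website, email, an idle FTP server, contractor laptops), enumerates every input-accepting service as an entry point, and flags the reduction candidates the text names: unused services to retire, unpatched internet-facing services, unmonitored services, and assets with no owner. The asset schema, field names and the 90-day idle threshold are assumptions made for the example.

```python
"""Attack-surface inventory and reduction candidates (illustrative example).

The asset list and all field names below are constructed for this entry;
they are not a real inventory schema.
"""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Tuple

# Assumption: a service with no usage evidence for this long is a retirement candidate.
UNUSED_AFTER_DAYS = 90


@dataclass
class Service:
    name: str
    port: int
    last_used: Optional[date]   # None means no usage evidence at all
    patched: bool = True
    monitored: bool = True


@dataclass
class Asset:
    name: str
    exposure: str               # "internet", "internal" or "endpoint"
    owner: Optional[str]
    services: List[Service] = field(default_factory=list)


def entry_points(assets: List[Asset]) -> List[Tuple[str, str, int]]:
    """Every (asset, service, port) that accepts input is a potential entry point."""
    return [(a.name, s.name, s.port) for a in assets for s in a.services]


def internet_facing(assets: List[Asset]) -> List[Tuple[str, str, int]]:
    """Subset of entry points reachable from untrusted networks."""
    return [(a.name, s.name, s.port) for a in assets if a.exposure == "internet"
            for s in a.services]


def reduction_candidates(assets: List[Asset], today: date) -> Dict[str, List[str]]:
    """Return actionable findings keyed by remediation type."""
    findings: Dict[str, List[str]] = {
        "retire_unused": [], "patch_exposed": [], "add_monitoring": [], "assign_owner": []}
    for asset in assets:
        if asset.owner is None:
            findings["assign_owner"].append(asset.name)
        for svc in asset.services:
            label = f"{asset.name}:{svc.name}/{svc.port}"
            idle_days = (today - svc.last_used).days if svc.last_used else None
            # Forgotten services: no usage evidence, or idle past the threshold.
            if idle_days is None or idle_days > UNUSED_AFTER_DAYS:
                findings["retire_unused"].append(label)
            # Unpatched and exposed to the internet: highest-priority fix.
            if asset.exposure == "internet" and not svc.patched:
                findings["patch_exposed"].append(label)
            # Exposed but nobody watching: attackers favour unmonitored paths.
            if not svc.monitored:
                findings["add_monitoring"].append(label)
    return findings


# Constructed sample inventory mirroring the glossary's example company.
SAMPLE_ASSETS = [
    Asset("www", "internet", "web-team",
          [Service("https", 443, date(2026, 5, 30))]),
    Asset("mail", "internet", "it-ops",
          [Service("imaps", 993, date(2026, 5, 31)),
           Service("smtp", 25, date(2026, 5, 31), patched=False)]),
    Asset("legacy-ftp", "internet", None,
          [Service("ftp", 21, date(2025, 11, 2), monitored=False)]),
    Asset("contractor-laptop-07", "endpoint", "contractor",
          [Service("rdp", 3389, None)]),
]

if __name__ == "__main__":
    print("entry points:", len(entry_points(SAMPLE_ASSETS)))
    print("internet-facing:", len(internet_facing(SAMPLE_ASSETS)))
    for kind, items in reduction_candidates(SAMPLE_ASSETS, date(2026, 6, 1)).items():
        print(f"{kind}: {items}")
```

Run against the sample inventory, the script counts five entry points (four of them internet-facing) and reports the legacy FTP server for retirement, ownership and monitoring, the contractor laptop's RDP service for retirement because nothing shows it being used, and the unpatched SMTP listener for patching. In practice the inventory would come from asset-management and scan data rather than a hard-coded list, but the classification logic is the same.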