Frameworks & standards
Attack Surface
An attack surface is the total set of entry points - endpoints, parameters, services, hosts, and interfaces - through which an attacker could attempt to compromise a system or exfiltrate data. Understanding and continuously mapping the attack surface is the foundation of both offensive testing and attack-surface management (ASM).
Key points
- Includes every reachable endpoint, parameter, and service.
- Grows and shifts with every deploy.
- Mapping it is the first step of testing and ASM.
Related
Impactr is an autonomous AI penetration testing platform - it investigates, chains, and proves web and API vulnerabilities with reproducible evidence.
Join the waitlist