Mitigating Security Threats by Minimizing Software Attack Surfaces

May, 2008


An important method for improving the security of software is to assess and minimize the system’s “attack surface.” In this report, we provide a conceptual understanding of attack surfaces and explore how to use this concept to improve security of both internally-developed software as well as systems purchased as off-the-shelf software. We conclude by recommending best practices for limiting attack opportunities on IT systems. (4 pp., 2 figs.)
[Executive Summary]