Mitigating Security Threats by Minimizing Software Attack Surfaces

May, 2008

$95.00

An important method for improving the security of software is to assess and minimize the system’s “attack surface.” In this report, we provide a conceptual understanding of attack surfaces and explore how to use this concept to improve security of both internally-developed software as well as systems purchased as off-the-shelf software. We conclude by recommending best practices for limiting attack opportunities on IT systems. (4 pp., 2 figs.)
[Executive Summary]