Attack Surface

The set of ways in which an adversary can enter a system and potentially cause damage.

Extended Definition: An information system’s characteristics that permit an adversary to probe, attack, or maintain presence in the information system.

Adapted from: Manadhata, P.K., & Wing, J.M. in Attack Surface Measurement, retrieved from

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies ( as of 11 November 2015, Global Standards

Comments are closed.