Word of the Day – September 23, 2022
attack surface
Acronyms
- None
Preferred Term
- None
Non-standard Terms
- None
Definitions
| Type | Definition | Sources |
|---|---|---|
| Noun | The attack surface of a software environment is the code within a computer system that can be run by unauthorized users. This includes, but is not limited to: user input fields, protocols, interfaces, and services. (used 30 times in citations and controls) |
|
| Noun | The set of points on the boundary of a system, a system component, or an environment where an attacker can try to enter, cause an effect on, or extract data from, that system, component, or environment. (used 8 times in citations and controls) | |
| Noun | The amount of ICT equipment and software used in a system. The greater the attack surface the greater the chances of an adversary finding an exploitable security vulnerability. (used 5 times in citations and controls) |
Other Forms
| Type | Other Form |
|---|---|
| Plural | attack surfaces |
| Plural Possessive | attack surfaces' |
| Possessive | attack surface's |
Relationships
Common Controls
Displaying Controls in which this term is tagged –
Show all Controls containing this term regardless of tagging
Displaying Controls containing this term –
Show only Controls in which this term is tagged
| ID | Control |
|---|---|
| {{ control.id }} | {{ control.name }} |
| None | |
Citations
Displaying Citations in which
this term is tagged –
Show all Citations containing this term regardless of tagging
Displaying Citations containing this term –
Show only Citations in which
this term is tagged
| AD ID | Authority Document | CT ID | Reference | Guidance | CC ID |
|---|---|---|---|---|---|
| {{ citation.authority_document.id }} | {{ citation.authority_document.common_name }} | {{ citation.id }} | {{ citation.reference }} | {{ citation.guidance_as_tagged || citation.guidance }} | {{ citation.control.id }} None |
| None | |||||