Attack Surface

The attack surface of a system is the complete set of vulnerabilities that exist within that system. It is a metaphor used when assessing the security of a hardware and software system. The attack surface is not an actual surface, but the image helps people visualize where the vulnerabilities in a system are.

IT professionals often talk about “wide” or “thin” attack surfaces, or “large” or “small” attack surfaces. For instance, one of the selling points of container virtualization has been the idea of positioning data in containers to present a thinner attack surface. The general idea is that as the number of unique vulnerabilities decreases, the attack surface becomes smaller. This is a handy idea in cybersecurity, but it carries some amount of subjectivity. Professionals might talk about the attack surface in terms of operating systems or storage media, or when identifying physical and digital assets or analyzing networks.

