Attack Surface
Definition
The attack surface is the total sum of all points — including software, hardware, network endpoints, APIs, cloud services, and human factors — where an unauthorized user could attempt to enter or extract data from an environment.
Buyer context
As organizations adopt cloud services, remote work, and third-party integrations, their attack surface expands. Attack surface management (ASM) is the practice of continuously discovering, inventorying, and reducing these exposure points. SOC providers factor attack surface data into their monitoring to focus detection on the most exposed and critical assets.