Attack Surface AnalyzerAnalyze changes to Windows Attack Surface | |
Download |
Attack Surface Analyzer Ranking & Summary
Advertisement
- License:
- Freeware
- Publisher Name:
- Microsoft
- Operating Systems:
- Windows 2008 / Vista64 / 7 x64
- File Size:
- 1.6 MB
Attack Surface Analyzer Tags
- analyzer Analyze snapshot surface attack detect changes Attack amplification fast attack attack time Surface Map Surface Explorer xss attack preventer Surface test System Snapshot snack attack qwek attack Glaciate surface surface implementation dragonfly attack screensaver internet attack Surface Parametrizer analyze mirror surface error aerodynamic surface surface extrude analyze parametric surface analyze implicit surface simulate implicit surface XSS attack attack desktop analyze surface Surface Analyzer snoops attack fibrous surface
Attack Surface Analyzer Description
The Attack Surface Analyzer application is similar to the same tool used by Microsoft's internal product teams to catalogue changes made to the operating system by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. This allows: - Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform - IT Professionals to assess the aggregate Attack Surface change by the installation of an organization's line of business applications - IT Security Auditors evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews - IT Security Incident Responders to gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase) Attack Surface Analyzer scans the system to identify potential security issues. To isolate the results to those specific to your product, it should be scan the system at least twice: - The first scan, called the baseline, should be run on a clean system without your product installed, but with external dependencies such as SQL Server already installed. - The following scan, called the product scan, should be run after installing your product to the system. Each scan will generate a .CAB file that can be analyzed to generate a report identifying potential issues. Pairs of scans, made up of a .CAB file generated before a product installation and a .CAB file generated after, can be analyzed to determine issues present on the system and changes to the system's attack surface resulting from the installation. Generating new .CAB pairs while enabling and disabling different product features may allow you to better isolate the source of identified issues.
Attack Surface Analyzer Related Software