Site icon Techno360

Attack Surface Analyzer released

Attack Surface Analyzer is developed by the Microsoft Security Engineering Center (MSEC). It is the same tool used by Microsoft’s internal product groups to catalogue changes made to the operating system attack surface by the installation of new software.

Attack Surface Analyzer takes a snapshot of your system state before and after  an application was installed, and compares them to identify changes made when new applications were installed. Instead of analyzing a system based on signatures or known vulnerabilities – the app looks for classes of security weaknesses as applications are installed on the Windows operating system.

The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report. Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, Microsoft ActiveX controls, listening ports and other parameters that affect a computer’s attack surface.

The purpose of this tool is to help software developers, Independent Software Vendors (ISVs) and IT Professionals better understand changes in Windows systems’ attack surface resulting from the installation of new applications

The app has an easy to use user interface , which guides users through the scanning and analysis process; a command-line version supports automation and older versions of Windows, and assists IT professionals as they integrate the tool with existing enterprise management tools.

Microsoft Attack Surface Analyzer allows the following:

Attack Surface Analyzer does not require source code or symbol access, IT professionals and security auditors can also use the tool to gain a better understanding of the aggregate attack surface change that may result from the introduction of line-of-business (LOB) applications to the Windows platform.

Download :Attack Surface Analyzer 1.0 [ 32-bit]
Download : Attack Surface Analyzer 1.0 [64-bit]

Exit mobile version