Attack Surface Analyzer is developed by the Microsoft Security Engineering Center (MSEC). It is the same tool used by Microsoft's internal product groups to catalog changes made to the operating system attack surface by installing new software.

Attack Surface Analyzer is developed by the Microsoft Security Engineering Center (MSEC). It is the same tool used by Microsoft's internal product groups to catalog changes made to the operating system attack surface by installing new software.

Attack Surface Analyzer takes a snapshot of your system state before and after installing the product(s). It displays the changes to several key elements of the Windows attack surface.

This allows the following:
Developers to view changes in the attack surface resulting from the introduction of their code onto the Windows platform
IT Professionals to assess the aggregate attack surface change by the installation of an organization's line of business applications
IT Security Auditors to evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
IT Security Incident Responders to gain a better understanding of the state of a system's security during investigations (if a baseline scan was taken of the system during the deployment phase)

  Download