People often get the terms attack surface, and attack vector confused. Though these terms are related, they hold a different meaning altogether.
What is an Attack Surface?
Attack surface is the sum of all the touchpoints on your network where an adversary can attempt to gain entry across your hardware, software, cloud, and network components. These components can include,
- Managed and unmanaged devices
- Cloud storage and apps
- IoT devices
- Wi-Fi access points and routers
- Servers
- VPN
- Firewalls
- SaaS solutions
- Third-party vendors, and more.
An organization’s attack surface constantly expands and shape-shifts in both physical and digital dimensions, making it quite a task to manage it. However, organizations can reduce the risk to their attack surface with continuous mapping and real-time visibility.
What is an attack vector?
An attack vector is the actual method that a threat actor uses to breach or infiltrate your network.
Attack vectors may target weaknesses in your security and overall infrastructure, or they may even target the people in your organization.
Some of the most used attack vectors are,
- Man-in-the-middle
- Compromised credentials
- Weak and stolen credentials
- Malicious insider
- Missing or poor encryption
- Misconfiguration
- Ransomware
- Phishing
- Spear-phishing
- Zero-day vulnerability
- Physical theft
- Misused trust relationships, etc.