- Insights
- Attack Surface vs. Attack Vector
Table of Contents
- Introduction
- What is attack surface?
- What to protect in your attack surface?
- How to map your attack surface?
- Difference between attack surface & attack vector
- How can real-time visibility protect your attack surface?
- What is attack surface intelligence?
- Getting started with attack surface intelligence
- How continuous ASI compares with pen-testing?
People often get the terms attack surface, and attack vector confused. Though these terms are related, they hold a different meaning altogether.
What is an Attack Surface?
Attack surface is the sum of all the touchpoints on your network where an adversary can attempt to gain entry across your hardware, software, cloud, and network components. These components can include,
- Managed and unmanaged devices
- Cloud storage and apps
- IoT devices
- Wi-Fi access points and routers
- Servers
- VPN
- Firewalls
- SaaS solutions
- Third-party vendors, and more.
An organization’s attack surface constantly expands and shape-shifts in both physical and digital dimensions, making it quite a task to manage it. However, organizations can reduce the risk to their attack surface with continuous mapping and real-time visibility.
What is an attack vector?
An attack vector is the actual method that a threat actor uses to breach or infiltrate your network.
Attack vectors may target weaknesses in your security and overall infrastructure, or they may even target the people in your organization.
Some of the most used attack vectors are,
- Man-in-the-middle
- Compromised credentials
- Weak and stolen credentials
- Malicious insider
- Missing or poor encryption
- Misconfiguration
- Ransomware
- Phishing
- Spear-phishing
- Zero-day vulnerability
- Physical theft
- Misused trust relationships, etc.