Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
In this second article in my series focused on Microsoft’s free security tools, I’d like to introduce you to the Attack Surface Analyzer version 1.0. Back in January of 2011 the Security Development Lifecycle team released a beta version of the Attack Surface Analyzer and today they announced the release of version 1.0.
Attack Surface Analyzer can help software developers and Independent Software Vendors (ISVs) understand the changes in Windows systems’ attack surface resulting from the installation of the applications they develop. It can also help IT Professionals, who are responsible for managing the deployment of applications or the security of desktops and servers, understand how the attack surface of Windows systems change as a result of installing software on the systems they manage. Some use cases include:
This tool essentially allows you to take a “snap shot” of a bunch of security related information on a system. Then after the system changes, you can take another “snap shot” and the tool will compare the before and after “snap shots” and show you what changed in an HTML report. The security related information captured in a snap shot includes:
Figure: an example of an Attack Surface Analyzer report
The “Security Issues” tab highlights specific potential issues such as access control lists (ACLs) that could be problematic. The “Attack Surface” tab provides insight into what has changed on the system and how the attack surface of the system has been altered.
You can download the Attack Surface Analyzer version 1.0 for free from http://www.microsoft.com/en-us/download/details.aspx?id=24487
Tim RainsDirector, Trustworthy Computing
Read other parts of this series
Part 1: Microsoft’s Free Security Tools - Series IntroductionPart 2: Microsoft’s Free Security Tools - Attack Surface Analyzer