application-security

Attack Surface

Definition

The attack surface is the sum of all points where an attacker could attempt to enter or extract data from an application or system. It encompasses exposed APIs, open ports, user input fields, authentication endpoints, and third-party integrations.

Reducing the attack surface — by disabling unused features, minimizing exposed interfaces, and applying least privilege — is a core security engineering principle.

Related Terms

Threat Modeling

Least Privilege

Principle of Least Privilege

Defense in Depth

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product