Attack Surface Analyzer Helps Developers During the Verification Phase of the Microsoft Security Development Lifecycle (SDL)
Microsoft has released the public version of Attack Surface Analyzer, a tool that determines the security of an application by examining how it affects the computer it is installed on.
Microsoft originally released Attack Surface Analyzer as a public beta in January 2011 during the Blackhat DC security conference. In the year and a half since, the company has reduced the number of false positives, enhanced performance, and made bug fixes, Monty LaRue and Jimmie Lee, Trustworthy Computing Security engineers at Microsoft, wrote on the Security Development Lifecycle blog Thursday. Attack Surface Analyzer 1.0 now has an improved graphical user interface and in-depth documentation, they wrote.
The verification tool is designed to help software developers and independent software vendors assess the attack surface of an application or software platform, Tim Rains, director of Microsoft’s Trustworthy Computing group, wrote on the Microsoft Security Blog Thursday. Developers and testers can use this to determine if their applications are secure. Since ASA doesn’t require the original source code, managers and executives can also use the tool to determine how a new application or software being considered would affect the organization’s overall security before deploying it.
“IT Security Auditors can use the tool to evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews,” Rains wrote.
The tool takes snapshots of the system before and after an application was installed, and compares them to identify changes made when new applications were installed. A stand-alone wizard guides users through the scanning and analysis process and a command-line version is available for use with automated tools.
The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report, LaRue and Lee wrote. The tool analyzes changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters.
Analyzer does not appear to rely on signatures or try to exploit known vulnerabilities. Instead, it just looks at classes of security weaknesses where programs commonly fall short, or are exposed to attack vectors. The “Security Issues” tab on the highlights specific potential issues such as access control lists (ACLs) that could be problematic.
As part of the Software Development Lifecycle to encourage secure software development, Microsoft requires developers to run attack surface validations before releasing Windows applications. The Analyzer provides an overview of the changes so that the development team can define the product’s default and maximum attack surface, as required by the SDL.
Related Reading: Implementing a Secure Development Lifecycle: Lessons from the Trenches
