Today at Black Hat DC, Microsoft is releasing a beta version of Attack Surface Analyzer, a new (and free!) tool designed to help assess the security of applications.
According to Microsoft, Attack Surface Analyzer is the same tool used by Microsoft’s internal product teams to catalog changes made to the operating system by the installation of new software.
The tool takes a snapshot of a system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. Attack Surface Analyzer doesn’t analyze a system based on signatures or known vulnerabilities, but looks for classes of security weaknesses when applications are installed on a (Windows) system.
The tool performs checks such as analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters that affect a computer’s attack surface, giving an overview of the changes to the system Microsoft considers important to the security of the platform. The Microsoft Security Development Lifecycle (SDL) requires development teams to define a given product’s default and maximum attack surface during the design phase to reduce the likelihood of exploitation wherever possible.
Core Features of the Attack Surface Analyzer Enable IT Professionals to:
• View changes in the attack surface resulting from the introduction of their code on to the Windows platform
• Assess the aggregate Attack Surface change by the installation of an organization’s line of business applications
• Evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
• Gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase)
In addition to the Attack Surface Analyzer tool, Microsoft is releasing the next version of the Microsoft SDL Threat Modeling Tool, as a beta at the Black Hat conference. David Ladd, Principal Security Program Manager, Security Development Lifecycle Team at Microsoft shares more information in a blog post here.
More information on Attack Surface Analyzer beta by Microsoft and other tools supporting the Microsoft SDL is available here.
The Microsoft Attack Surface Analyzer can be downloaded here.

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
More from Mike Lennon
- Check Point to Acquire SASE Security Firm Perimeter 81 for $490 Million
- Rapid7 Announces Layoffs, Office Closings Under Restructuring Plan
- Horizon3 AI Raises $40 Million to Expand Automated Pentesting Platform
- Watch Now: Cloud & Data Security Summit Sessions
- Watch on Demand: 2023 CISO Forum Sessions
- Virtual Event Today: CISO Forum 2023 – Register to Join
- Watch Now: Threat Detection and Incident Response Virtual Summit
- Registration Now Open: 2023 ICS Cybersecurity Conference | Atlanta
Latest News
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
