New: Autonomous AI risk intelligence is live — your compliance program in 12 minutes. Get started →
← Glossary · Cyber

Attack Surface

The set of external-facing systems, services, and data an attacker could target.

Attack surface includes domains, subdomains, exposed ports and services, cloud storage, SaaS integrations, and code repositories. Every subdomain launched, every service exposed, every S3 bucket left public expands it.

Attack surface management (ASM) continuously enumerates and monitors this exposure so it can be pruned before it's exploited.

Related terms

See how Scarlet Risk covers Attack Surface.

One platform for compliance, cyber, crypto, and world-watch risk.

Schedule Live Demo