Attack Surface News, Articles and Updates

What lies beneath? - Tackling the threat of BIOS attacks

Attackers are always on the lookout for new vectors and unmonitored devices are attractive targets; Paul McKiernan warns, ensure that a security stack covers every attack vector - below the OS, in the OS and above the OS.

InfoSec 2017: Memory-based attacks on printers on the rise, says HP

Increase in use of printers as an attack vector for hackers: recommended that purchasing decisions include security considerations, not just price.

Analysing the attack surface

Enterprises today are under more pressure than ever to minimise their "attack surface." That is, they need to detect Indicators of Exposures (IOEs), identify vulnerabilities and capture and correct misconfigurations in security and network devices in both physical and virtual environments. This is an extremely challenging assignment. The IT organisation must locate tens-of-thousands of vulnerabilities and misconfigurations concealed on its network, analyse and prioritise those vulnerabilities and misconfigurations and remediate the most critical.