Attack Surface

The attack surface is the sum of all points where an unauthorized user could attempt to enter a system, interact with it, or extract data from it. This includes open ports, running services, APIs, user-facing inputs, and any other exposure point reachable from outside the security boundary, together with the code that handles each of them.

Reducing the attack surface is one of the most effective security strategies available. Every unnecessary service, open port, or exposed interface that is removed shrinks the number of ways an attacker can gain entry and reduces the amount of code that must be kept patched. The practical check is an inventory: what is listening, on which interfaces, owned by which process, and whether each item is actually required.
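The inventory described above, as an added example that is not part of the original page: it parses the output of `ss -tulnp` (iproute2's listing of listening TCP/UDP sockets with owning process), classifies each listener by whether it is bound to loopback only, to one interface, or to all interfaces, and reports anything reachable off-host that is not on an approved list of (protocol, port) pairs. The sample output embedded below is constructed, not captured from a real host, and the allowlist is an assumed policy for the example.

```python
"""Attack-surface inventory of listening sockets from `ss -tulnp` output."""
from __future__ import annotations

import re
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed sample of `ss -tulnp` output; the column layout follows iproute2.
SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53    0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
udp   UNCONN 0      0      0.0.0.0:111         0.0.0.0:*         users:(("rpcbind",pid=590,fd=5))
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=901,fd=3))
tcp   LISTEN 0      511    127.0.0.1:6379      0.0.0.0:*         users:(("redis-server",pid=1203,fd=6))
tcp   LISTEN 0      4096   *:3306              *:*               users:(("mysqld",pid=1340,fd=22))
tcp   LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=901,fd=4))
tcp   LISTEN 0      511    [::1]:6379          [::]:*            users:(("redis-server",pid=1203,fd=7))
tcp   LISTEN 0      128    10.0.0.5:8080       0.0.0.0:*         users:(("java",pid=1500,fd=40))
"""

# Assumed policy for this example: only SSH is meant to be reachable off-host.
ALLOWED_EXPOSURE = {("tcp", 22)}

WILDCARDS = {"0.0.0.0", "*", "::"}  # binds that accept traffic on every interface


@dataclass(frozen=True)
class Listener:
    proto: str
    host: str
    port: int
    process: str

    @property
    def scope(self) -> str:
        """'all' for wildcard binds, 'loopback' for 127/8 and ::1, else 'interface'."""
        if self.host in WILDCARDS:
            return "all"
        if ip_address(self.host).is_loopback:
            return "loopback"
        return "interface"

    @property
    def exposed(self) -> bool:
        """True when the socket is reachable from another host (not loopback-only)."""
        return self.scope != "loopback"


def _split_addr(addr: str) -> tuple[str, int]:
    """Split 'host:port', dropping IPv6 brackets and a %scope-id suffix."""
    host, port = addr.rsplit(":", 1)
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)


def parse_ss(text: str) -> list[Listener]:
    """Turn `ss -tulnp` output into Listener records; skips the header row."""
    listeners: list[Listener] = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("tcp", "udp"):
            continue
        host, port = _split_addr(fields[4])
        m = re.search(r'"([^"]+)"', line)
        process = m.group(1) if m else "?"
        listeners.append(Listener(fields[0], host, port, process))
    return listeners


def unexpected_exposure(listeners: list[Listener],
                        allowlist: set[tuple[str, int]]) -> list[Listener]:
    """Listeners reachable off-host whose (proto, port) is not approved."""
    return [l for l in listeners
            if l.exposed and (l.proto, l.port) not in allowlist]


if __name__ == "__main__":
    # On a live host replace SAMPLE_SS_OUTPUT with the output of `ss -tulnp`.
    found = parse_ss(SAMPLE_SS_OUTPUT)
    for l in found:
        print(f"{l.proto:3} {l.host:>12}:{l.port:<5} {l.scope:9} {l.process}")
    print("\nNot on the allowlist and reachable off-host:")
    for l in unexpected_exposure(found, ALLOWED_EXPOSURE):
        print(f"  {l.process} ({l.proto}/{l.port}) bound to {l.host}")
```

Each line in the second report is a candidate for removal or for rebinding to loopback; the loopback-only sockets are not ignored entirely, since they remain attack surface for a local attacker, but they are outside the off-host boundary this check is about.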

CISSP Relevance

Attack surface management ties directly to Domain 3 (Security Architecture and Engineering) and Domain 1 (Security and Risk Management). CISSP candidates must understand how architecture decisions expand or shrink the attack surface.

External reference: CISA Attack Surface Management Guidance

Related terms: Vulnerability, Threat Modeling