Microsoft has released Attack Surface Analyzer beta, a tool the company has used internally for five years to help IT departments tackle IT security.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The Microsoft verification tool highlights changes in system state, runtime parameters and securable objects on the Windows operating system. This analysis helps developers, testers and IT professionals identify increases in the attack surface caused by installing applications on a machine, Microsoft said.
The tool takes snapshots of an organisation's system and compares ("diffing") these to identify changes.
Microsoft uses the Attack Surface Analyzer beta for the verification phase of its Security Development Lifecycle (SDL). By making the tool available, Microsoft hopes developers will be able to use it to verify that they have built and deployed their applications in accordance with Microsoft's SDL guidelines