Microsoft’s Attack Surface Analyzer matures

Attack Surface Analyzer logoMicrosoft has released version 1.0 of of its Attack Surface Analyzer, bringing the application out of beta status. Attack Surface Analyzer was originally announced in January 2011 and is designed to give developers and system administrators the ability to gauge how installing a certain application will effect the attack surface of a Windows system.The company says that it has received “quite a bit of positive feedback” on the tool and is now ready to make it available to the wider public.

The tool does not actually examine the installed software for vulnerabilities but scans the system before and after an installation has taken place. These include scans for added files, registry keys, opened ports and ActiveX controls. This process is designed to highlight changes that could have negative security implications. While the tool is mainly aimed at developers who want to test their application’s impact on systems, it can also be used by administrators to check whether installing a program has made the system less secure.

Attack Surface Analyzer is available from Microsoft free-of-charge for 32- and 64-bit Windows systems. The download page also includes instructions how to use the tool.





Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s