From the course: CSSLP Cert Prep: 3 Secure Software Design

Attack surface evaluation

- [Narrator] By minimizing your app's attack surface, you can reduce both the likelihood and the impact of any attacks launched against your app. Before you can take action to reduce that risk, though, you'll want to perform an attack surface evaluation. Attack surface evaluation is a process of identifying all the parts of your app and the underlying app infrastructure that an attacker might target. Once you've got a solid idea of what the attack surface looks like, you'll also want to identify any mitigating controls you already have in place. This will help you pinpoint any missing controls that you may want to implement. Consider your web app from an attacker's point of view. Specifically, I want you to think like an unauthorized outsider. You're sitting at your laptop, staring at the login page for an app that you want to attack. Where do you start? One area of your app's attack surface is the login interface, as…
