Glossary

Attack surface reduction describes the decisions and actions an organization takes to remove potential points of entry on its attack surface or to bolster the security of assets to make them less vulnerable to attack. Attack surface reduction can involve many different techniques, such as removing redundant applications, eliminating user accounts that are no longer used or needed, and segmenting the company’s network, among others.