Microsoft introduces Attack Surface Analyser

By on
Microsoft introduces Attack Surface Analyser

Microsoft has launched a testing tool for developers to figure out the security implications of their apps.

The Attack Surface Analyser has been launched in beta form at the Blackhat DC event taking place in the US this week.

It is designed to help developers “identify increases in the attack surface caused by installing applications on a machine,” Microsoft explained in a Secure Development Lifecycle blog post.

“The tool takes snapshots of an organisation's system and compares … these to identify changes,” the company said.

“Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters that affect a computer's attack surface.”

The tool searches for classes of security weaknesses as applications are installed on to a Windows OS.

“The tool also gives an overview of the changes to the system Microsoft considers important to the security of the platform and highlights these in the attack surface report,” the Redmond giant said.

Developers will be pleased to hear Microsoft has made the technology available from now for free.

There has been plenty of debate around app security this week.

Facebook decided to rethink a feature designed to grant developers access to user phone numbers and addresses.

The social network said it wanted to ensure users were only giving away data they wanted.

Sophos suggested Facebook should adopt the “walled garden” approach Apple uses when it comes to allowing apps.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © ITPro, Dennis Publishing

Most Read Articles

Log In

Username / Email:
  |  Forgot your password?