Microsoft's Trustworthy Computing (TWC) unit released the full version of its Attack Surface Analyzer today.The Attack Surface Analyzer 1.0 release comes at the end of the tool's beta phase.
The purpose of this tool is to help software developers, Independent Software Vendors (ISVs) and IT Professionals better understand changes in Windows systems’ attack surface resulting from the installation of new applications. Since the launch of Attack Surface Analyzer, the company has received positive feedback about the value it has provided to customers.
"The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report," wrote a TwC representative in a blog post.
This release includes performance enhancements and bug fixes to improve the user experience. Through improvements in the code, they were able to reduce the number of false positives and improve Graphic User Interface performance. This release also includes documentation and guidance to improve ease of use.
As well as helping IT departments, the tool is also designed to help application developers ensure that their products don't weaken Windows computers' cyber defences.
The Attack Surface Analyzer enables:
- Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform
- IT Professionals to assess the aggregate attack surface change by the installation of an organization's line of business applications
- IT Security Auditors to evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
- IT Security Incident Responders to gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase)
No comments:
Post a Comment