Microsoft Attack Surface Analyzer – Validate Apps Before Release and Deployment

This sounds incredibly useful; why didn’t somebody think of this earlier?

Microsoft has released a free tool for 32-bit and 64-bit editions of Windows that they have been using internally only for some time. The Attack Surface Analyzer assists “both testers and IT Pros in assessing the security of an application”. It does so by highlighting “the changes in system state, runtime parameters and securable objects on the Windows operating system” after the installation of new programs.

The tool takes two snapshots of the system, one before the installation and one after the installation. It compares the two snapshots to identify the changes. It looks in particular for “classes of security weaknesses as applications are installed on the Windows operating system”.

In addition, Microsoft Attack Surface Analyzer “gives an overview of the changes to the system Microsoft considers important to the security of the platform and highlights these in the attack surface report”.

The program stores the report in a cab file. The start page offers to run a new scan or to generated a report by comparing a previous scan with a new scan.

attack surface analyzer

Each scan performs several tasks, like enumerating files, handles or services. Some operations may take a while or show up as pending if they have not been started by the application.

The report is launched in the default web browser, a short explanation is available as well.

attack surface report

Attack Surface Analyzer is available as a 32-bit and 64-bit application at Please note that the application has been released as beta. Reports can be generated on Windows Vista, Windows 7 and Windows Server 2008 R1 and R2. The analysis of the data and report generation requires the Microsoft .NET Framework 3.5 in addition.

© Martin for gHacks Technology News, 2011. | Permalink | Add to, digg, facebook, reddit, twitter
Post tags: , , ,

Link to Original Content

Tags: , , ,

Comments are closed.