Ever wondered how installing a program affects the security of your system? Or are you a software developer and wondering something similar? Microsoft has a groovy tool that will analyze your Windows system before a program installed, analyze it again post-installation, and them compare the two reports and show you any known vulnerabilities created.
Developed by the Security Engineering group, Attack Surface Analyzer is the groovy little utility we are talking about. Some use cases for this application suggested by Microsoft allow:
– Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform
– IT Professionals to assess the aggregate Attack Surface change by the installation of an organization’s line of business applications
– IT Security Auditors evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
– IT Security Incident Responders to gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase)
The best part is it doesn’t take much time to set up. Installation is simple, and setup comes in the fashion of a single file.
Threat tests are performed and recorded in .CAB files. Attack Surface Analyzer requires you to manually scan your system both before and after installing an application; at which point you can compare the two .CAB files (scans) to see the differences in system configuration.
Each scan can take a good bit of time, and Attack Surface Analyzer isn’t easy on system resources either. If you are going to be scanning, set aside a 15-30 minutes of time for web browsing or light computer use as the load it puts on your system strains it doing anything else.
Ready to try it out?