0

I would like to get some advice on how you approach a new software installation on Windows to be able to extract the impact that software makes on your system and attack surface.

I need to know what changes the software makes on the system such as registry, ACLs, services, processes, network settings (such as ports that it may have open for communication), and all folders and files it installed. In a nutshell, a holistic view of the Attack Surface.

I have been using a sandbox environment and Microsoft's Attack Surface Analyzer, however to my surprise it has missed some important security concerns.

0siris
  • 13
  • 1
  • 7
  • What's wrong with Microsoft's Attack Surface Analyzer? – Michael Hampton Jul 18 '18 at 22:51
  • @MichaelHampton It missed a folder that was given Read, Write, Execute to any user in a path where it is known that all the folders are to have restricted access. It is odd because it has picked up similar issues before. – 0siris Jul 18 '18 at 23:05

0 Answers0