Security Talk: Fending Off Attacks by Reducing an Application's Attack Surface
The attack surface of an application is the set of ways in which an adversary can enter the software and potentially cause damage. The larger the attack surface, the more insecure the software. Reducing the attack surface is a key security practice required in the design phase of Microsoft Security Development Lifecycle (SDL) process. Attack surface reduction reduces the inherent risk the software application carries. The presenter of this podcast explains best practices for minimizing code exposed to untrusted users and protecting against vulnerabilities and threats that one don't know about.