Daniel Roberson - attack surface reduction

attack surface reduction

0001-01-01

Attack surface reduction is the processes and techniques involved with reducing the exposure available for attackers to perpetrate cyberattacks.

Hosts are often victimized due to unused software exposing attack surface to the attacker. Had this vulnerable software been simply turned off, firewalled, or uninstalled, the attack couldn’t have taken place to begin with.

Links to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit