wiredmikey (1824622) writes "Microsoft has released the public version of Attack Surface Analyzer, a tool designed to help software developers and independent software vendors assess the attack surface of an application or software platform. The tool was pushed out of beta with Version 1.0 released on Thursday.
Since ASA doesn't require the original source code, managers and executives can also use the tool to determine how a new application or software being considered would affect the organization's overall security before deploying it.
The tool takes snapshots of the system before and after an application was installed, and compares them to identify changes made when new applications were installed. A stand-alone wizard guides users through the scanning and analysis process and a command-line version is available for use with automated tools.
Attack Surface Analyzer 1.0 can be downloaded from Microsoft here."
Link to Original Source