Attack Surface Analyzer 2.0 announced by Microsoft.
Attack Surface Analyzer 2.0 helps identify potential security risks introduced by new or untrusted software by detecting changes to key areas of the system security configuration including:
- File System
- User Accounts
- System Services
- Network Ports (listeners)
- System Certificate Store
- Windows Registry
It includes static change detection between snapshots of these key areas and a real-time file change monitoring option as well as an export feature of analysis data which is stored in a local SQLite database file. Additional collection types and improvements are planned to be released later this year.
The tool includes both a scriptable command line interface (CLI) and an Electron based option and it allows for your own custom front end to call the underlying core components programmatically for a different or white label client experience. The entire codebase has been released as an Open Source project on GitHub. A key improvement over the classic version is the application now comes with cross-platform support for Windows, Linux and macOS.