Calculators

Attack Surface Estimation Calculator

Industry (Benchmark)
5%/mo
Attack Surface Score34/100
Exposure Score31/100
Risk Levelmedium
Exposuremedium
Reachable20
Critical Exp.3

Risk by Category

Public IP AddressesDomainsCloud AccountsSaaS ApplicationsRemote WorkersIoT DevicesAPIs3P IntegrationsBYOD Devices0255075100

Attack Surface Trend (12 Months)

M0M1M2M3M4M5M6M7M8M9M10M120255075100
Projected growth at 5%/month across all categories

Surface Breakdown

Public IP Addresses (10)33
Domains (5)32
Cloud Accounts (3)33
SaaS Applications (25)44
Remote Workers (50)34
IoT Devices (10)33
Public-Facing APIs (5)32
Third-Party Integrations (10)38
BYOD Devices (20)31

Peer Comparison (tech)

CategoryYoursMedianvs Peers
Public IP Addresses1015Below
Domains58Below
Cloud Accounts35Below
SaaS Applications2540Below
Remote Workers50100Below
IoT Devices105Above
Public-Facing APIs512Below
Third-Party Integrations1020Below
BYOD Devices2030Below

Prioritized Reduction Actions

ActionImpactEffortRatio
Audit and retire unused domains (current: 5)-2low2
SaaS rationalization — eliminate redundant applications (current: 25)-2medium1
Conduct vendor risk assessments and minimize integrations (current: 10)-2medium1
Consolidate or decommission unused public IPs (current: 10)-2medium1
Segment IoT on isolated VLANs with monitoring (current: 10)-2medium1
Deploy API gateway with auth and rate limiting (current: 5)-2medium1
Enforce MDM compliance policies for BYOD (current: 20)-1low1
Deploy zero-trust network access for remote workers (current: 50)-2high0.7
Consolidate cloud accounts and enforce centralized IAM (current: 3)-2high0.7

Top Risk Areas

  • 1. SaaS Applications (score: 44)
  • 2. Third-Party Integrations (score: 38)
  • 3. Remote Workers (score: 34)
  • 4. Public IP Addresses (score: 33)
  • 5. Cloud Accounts (score: 33)

Recommendations

  • Attack surface is within acceptable bounds. Continue regular assessments.