The number of potentially vulnerable objects in a computer system. The term is applied when assessing the resources required to protect a specific network or device. An important information security task is to reduce the number of vulnerable points while maintaining system functionality. The attack surface can be reduced, for example, by disconnecting open ports that are not being used.